Checking Apple products: Are they really impenetrable?

Whether it’s MacBooks, iPhones, or other Apple products, users check the hardware of these products the most. From the type of chips to memory space and other features, Apple customers always seek the latest in their devices.

However, regarding the operating system—whether macOS or iOS—many believe that Apple products are invulnerable and don’t require scrutiny. The reality, however, is that Apple products are not as impenetrable as many believe, given that cybercriminals are finding ways to infiltrate these systems.

For context, Apple’s desktop operating system has been steadily gaining ground in the past decade, and currently commands almost 18% of desktops worldwide – a 10% increase from 2013, according to Statcounter. However, Macs are typically targeted less than Windows computers. Most threat actors are devoting time and resources to exploit the larger attack surface provided by Microsoft.

According to Bitdefender’s macOS Threat Landscape Report, although targeting is less frequent on Apple products, findings show that cybercriminals will go to greater lengths to get Mac users to click malicious links to implant malware such as trojans and ransomware. The report, revealed at BlackHat USA 2023, also unveiled the top threats and trends targeting the macOS operating system over 12 months.

A prevailing myth is that Apple products, like macOS and iOS, don’t require cybersecurity checks and are immune to cybercriminal targeting and campaigns. On the contrary, findings from the report showed Mac users continue to be targeted by numerous cyber threats.

Apple users now face the need to patch actively exploited vulnerabilities, as threat actors utilize social engineering and spray-and-pray tactics. Moreover, spyware vendors are increasingly targeting Apple’s iOS, which shares many common components with macOS, like the web rendering engine WebKit.

For instance, last year, Apple users were urged to promptly update their iPhones, iPads, and Macs to guard against two security vulnerabilities, which could let attackers seize complete control of the devices. In a report by The Guardian, Apple stated that there are credible reports of hackers exploiting these vulnerabilities against users.

One such vulnerability impacts the kernel—the foundational layer of the OS that’s common across these devices, as per Apple. The other affects WebKit, the underlying technology of the Safari web browser.

Apple products check for threats

Bitdefender’s report highlighted three key threats targeting Apple users. They are Trojans, Adware and Potentially Unwanted Applications.

Trojans – the biggest threat to Macs which accounts for more than half of threats detected. Threat actors use socially engineered communications (spam, phishing, social media), rigged advertisements (malvertising) and tainted file downloads via torrent or warez websites. Examples of Trojans include EvilQuest, which remains the single most common Trojan targeting Macs, with a 52.7% share. The malware bundles a ransomware component designed to encrypt and pilfer the victim’s files, as well as a keylogger to record keystrokes and steal personal or financial data.

Potentially Unwanted Applications (PUAs) – PUAs are commonly found as freeware, repackaged applications or utility apps (system cleaners) with hidden functionality like data tracking and coin mining. Some PUAs hijack the user’s browser, changing the default search engine and installing plugins without consent. Highly aggressive PUAs can modify third-party apps, download additional (unsolicited) software, and alter system settings. With a 25.3% share, PUAs represent a quarter of ‘executable’ threats to Macs.

Adware – Developers use this to earn revenue by advertising other products, occasionally in an aggressive manner resembling spyware behavior. Adware accounts for more than a fifth of threats targeting Macs. A file-based threat, adware ends up on computers after users wilfully run freeware programs, fake installers, software downloaded from torrents and wares sites, pirated programs, malicious links, malvertising, and others.

While the report acknowledges that Apple enjoys a narrower range of threats than Microsoft’s or Google’s ecosystems, Apple products still need checks.

It is not impenetrable

“Our research shows that this apparent safety net isn’t impenetrable. In fact, this false sense of protection often means malware tailored to infect Macs is better suited to its goals. Threat actors have less attack surface to exploit, so they are forced to optimize their techniques and procedures to ensure better success,” the report stated.

Apple also continues to issue security patches to address critical weaknesses that were said to be ‘actively exploited’ by threat actors. Many of those flaws were found in key components shared by both Macs and iPhones. However, users often delay software updates and security fixes, with statistics revealing that a vast majority of Mac owners still operate on older versions of macOS.

In conclusion, Bitdefender advises Mac users to always use the latest OS version and promptly apply new security patches. Apart from regular checks on Apple products, it’s equally important to never download software from unofficial sources, like torrents and warez sites.

“These hubs harbor most of the threats discussed in this report. Our findings send a clear signal that Mac users are becoming more vulnerable to online threats, making it important to deploy a dedicated security solution to keep watch over any potential malicious activity,” the report concluded.

---

---

---

---