In the battle between Windows and macOS, Apple’s operating system still seems relatively untouched by hackers. However, the increase in MacBook purchases has not escaped hackers who have already deployed specific phishing campaigns.
Recently, we received a fake partnership email from the Bumble application containing a file intended for our sales teams. The message was carefully camouflaged to make us believe that we were talking with people responsible for the dating application.
A cybersecurity expert analyzed the document in question and showed that the file did not contain a partnership proposal, but malware to steal our passwords. No risk for us, because we mainly work on macOS and the malware was designed for Windows.
So are we safe from information threats behind our chrome apple? It is true that the statistics are very reassuring and the risks are low. However, as with parking meters, the fine is never far away, and lately, loot seekers have had a keener eye on the MacBook storefront.
Windows is more targeted by hackers than macOS
Reports on malware detections and the percentage based on the operating system used are numerous, but they vary from one cybersecurity company to another because their statistics are based on customer feedback, and customers use different models depending on their activity. However, there is one thing common to all annual reports: malware targeting macOS represents less than 3% of threats over the last three years.
At Mandiant, 67% of malware families detected are programmed to strike on Windows, at Elastic Search this figure rises to 66%. The rest of the malware is often developed to operate on Linux. Software programmed to attack Mac only represents between 1.5% and 3% of threats.
How to explain it? “ Cybercriminals simply make logical choices. Cyberattacks mainly focus on Windows due to its significant market share », first explains Arnaud Lemaire, technical director of F5 France. Nearly 70% of businesses work on Windows, according to StatCounter. More potential victims, therefore more malware to develop on this interface.
Apple’s operating system is also more compartmentalized and requires numerous accesses, unlike Windows which has a more open ecosystem. There are still few Apple computer parks entirely managed by a company manager, unlike the gigantic fleets of Microsoft workstations in the business districts of each large city.
Arnaud Lemaire also notes that the choice to work on “ Apple supposes a new mattress of knowledge in IT, since we must get out of this first ecosystem on which we have acquired our habits “. Windows is most of the time the first computer we have on hand. It is on this system, naturally, that a large part of the employees, developers, and hackers train and work.
macOS begins to attract hackers
Lots of convincing arguments that have motivated many businesses to migrate to macOS. Until recently, Apple recorded strong growth in the computer market, gaining around 2 points of market share each year for the past two years, attracting the attention of cybercriminals to the Apple brand.
In 2023, malware detected on macOS will jump, reaching 11% of total detections, reports a Malwarebytes study. The criminals have simply adapted the tools of everyday hackers to the Apple interface, starting with phishing campaigns and data theft software.
Last February, the company BitDefender spotted a phishing campaign deploying a new version of Atomic Stealer, malware dedicated to information theft. For cybersecurity experts, Atomic Stealer represents “ one of the biggest threats to Macs “. Generally, the victim downloads the “stealer” inadvertently, through a phishing email or fraudulent site. This will take the form of a .dmg (clean) file, Apple application format, which must then be “dropped”.
« Companies using Mac often represent companies in very specific sectors: design, communication, press, etc. These targets can be particularly attractive to hackers given the data hosted », analyzes Arnaud Lemaire.
The most telling sign of Apple’s appeal to cybercriminals: Lockbit, one of the most feared hacking groups in the cyber sphere, has begun developing ransomware dedicated to MacOS. As Lockbit’s activity was partly curbed by law enforcement, we do not know how successful this project was. The apple flavor remains, for the moment, still out of reach for many cybercriminals.
Related News :