Hackers Target Mac OS X

Wednesday, September 10, 2014 @ 07:09 AM gHale

As Apple computers are becoming more mainstream, attackers are going after the OS X systems with 25 new malware variants, researchers said.

“2014 started with almost 20 new unique variants discovered in the first two months alone, though this pace slowed later so that by the end of the H1 period, 25 new Mac threats had been found,” said F-Secure researchers in its Threat Report H1 2014.

OS X Targeted by Espionage Group
Hardcoded Password Opens Router Backdoor
Attacks Drop as NTP Servers Patched
DHS Contractor Suffers Breach

“Among the new unique variants, 13 belong to five new families, with the Mask and Clientsnow being involved in targeted attacks. The remaining three new families – Coinstealer, Cointhief and LaoShu – affect normal Mac users.”

F-Secure senior security analyst Sean Sullivan said the malware variants’ appearance is particularly troubling as some of the attacks detected using them were targeting critical infrastructure areas.

“It’s mostly targeting human rights activists (which focus heavily on rights in China). But then there are also efforts to compromise Macs within the energy industry and other sectors,” he said.

“It appears to be the same sort of stuff as Havex, [going after] a wide range of targets. Possibly it is a campaign by a private ‘contractor’ who is selling to particular nation states.”

Havex is a family of remote-access Trojans known for attacks on critical infrastructure. Researchers believe it saw action in targeted attacks for at least a year.

Sullivan said the lack of public information about the targeted attacks from affected businesses indicates they are either unaware or unable to comment on them.

“It’s interesting to note there are no victims reported. We know about the targeted attacks against human rights activists because they speak out about it. Companies that are being attacked are either unaware or keep quiet,” he said.

Apple does not disclose any information about potential vulnerabilities until it has investigated and fixed them.

Apple’s iOS mobile operating system remained malware free, despite the resurgence of Mac OS attacks.

F-Secure reported of the 295 new mobile threat families and variants discovered, only one targeted iOS, and even this required the Apple device to be jailbroken to work. The remaining 294 target Android.

Leave a Reply

You must be logged in to post a comment.