Modern Mac Malware Is Worse Than Your Wildest Dreams

August 7, 2017

For years, Apple capitalized on rumors that Mac computers simply didn’t get viruses – and in the past, those rumors were close to true. Because Macs enjoyed a minuscule portion of the consumer computer market – and because they run a different operating system that requires distinct coding – few cybercriminals bothered writing malicious programs targeting Macs.

Yet, in the past few years, all that has changed. Macs are still less popular than PCs, but they have cornered a much larger percentage of the market than previously: These days, nearly 10 percent of all computers in use are of Apple origin, which is not an insignificant number. However, more importantly, Mac users continue to believe their machines are impervious to attack, making them much easier targets than PC users. As a result, some of the worst malware on the web is swiftly infiltrating Mac devices – and most Mac users don’t even know it.

Existing Mac Malware

Hackers have developed malware for Mac computers and devices since their beginning. However, in 1982, the first malware was merely a poem that displayed on boot, whereas today Mac users are combatting intense programs that steal data, hold machines hostage, and create panic for users. More and more Mac-specific ransomware is popping up on devices around the globe, forcing Mac users to decide between losing their information and paying a sometimes-exorbitant sum. In fact, though the infamous WannaCry virus afflicted outdated PC networks, a copycat ransomware targeting Macs is already making its way across the darknet and onto unsuspecting users’ machines.

Earlier this year, security firms identified a program dubbed FruitFly, which lurked quietly in the background of many Macs. The program logged keystrokes, took screengrabs, and captured pictures of Mac users through their webcams. The purpose of this activity remains unknown. However, the worst discovery is that anti-virus programs have been unable to detect the virus – which has likely been infiltrating Mac machines for a decade or more.

Security experts aren’t certain how FruitFly gets around – whether it is through a program vulnerability or social engineering, such as email scams – but they have identified several hundred computers that are infected. The code is simple and seemingly innocuous, but it proves that Mac machines have long been susceptible to infiltration, and Mac users must be on high alert to avoid losing their data and dignity.

Avoiding Mac Malware

With such dangerous malware threatening Mac devices, it is more important than ever that Mac users understand how to protect themselves and their machines. Installing trustworthy, current anti-virus for Mac machines should be a user’s priority, as effective security programs will prevent unwanted attacks from developing into serious situations. Ideally, a security program should protect the most vulnerable functions, including email, social media, and browsing – and updated options will include protections for mobile devices, as well.

Still, no computer users should lower their guard, even after installing dependable software. Most infections occur due to human error, so developing smart, secure computer-use habits is vital to keeping machines safe and healthy. These habits should include:

  • Updating. Outdated applications often include vulnerabilities through which cyber-attackers can access machines. Users should allow OS X and all installed software to download updates whenever available.
  • Reading emails. Most modern email scams model themselves on legitimate services that many users actually use, such as banks, tech support, or social media groups. Still, there are usually hints that emails aren’t genuine, such as odd sender addresses, foreign-sounding sentences, misleading links, etc.
  • Writing passwords. It’s one of the oldest security rules, but crafting a complex, unique password remains vital to digital security. Users can take advantage of password management tools, offered through cybersecurity providers, to make passwords easier to manage.
  • Connecting. Private networks are more exclusive and therefore safer than public networks. Users should be wary of connecting to unknown devices, especially without proper protections like firewalls, anti-malware software, and anti-exploit security.
  • Backing up. The arms race that is cybersecurity makes predicting the future of malware virtually impossible. Because users can’t be certain of what malware looms on the horizon, everyone should regularly back up all their data to the cloud or a secure secondary hard drive.