21 Newly Uncovered Malware Variants Attacks MacOS Users

The “Security 360: Annual Trends Report 2024” provides a comprehensive overview of the evolving cybersecurity landscape, focusing on device risks, application risks, malware and attack evolution, and web-based risks.

It emphasizes the importance of understanding and mitigating these risks to protect valuable business secrets and personal information.

This article examined the impact of security trends on 15 million Jamf-protected devices across 90 countries, including iOS, macOS, iPadOS, Android, and Windows, over 12 months that analysis occurred in Q4 2023.

You can analyze a malware file, network, module, and registry activity with the ANY.RUN malware sandbox, and the Threat Intelligence Lookup that will let you interact with the OS directly from the browser.

Threat Landscape Evolution

The report highlights the continuous evolution of the threat landscape, noting an increase in sophisticated attack vectors aimed at compromising devices, tricking users, and infiltrating organizations.

It points out that 8% of organizations had a mobile device accessing a third-party App Store, and 40% of mobile users were running a device with known vulnerabilities, underscoring the prevalence of device risks.

The analysis also reveals that 2.5% of devices had a vulnerable application installed, indicating significant application risks.

The report identifies various attack vectors, including social engineering tactics that have become more compelling. It stresses the importance of protecting users from these attacks.

It highlights the need for organizations to be vigilant against threats targeting all platforms, whether the devices are company-owned or BYO (bring your own).

Device, Application, Malware, and Web-based Risks

  • Device Risks: The complexity of modern devices introduces new vulnerabilities, with 40% of mobile users running devices with known vulnerabilities. The report emphasizes the importance of maintaining up-to-date operating systems to mitigate these risks.
  • Application Risks: Both native and web applications pose risks, with vulnerabilities needing management within the application software. The report found that 2.5% of devices had a vulnerable application installed.
  • Malware and Attack Evolution: The report discusses the evolution of malware and attacks, including the increasing sophistication of social engineering tactics.
  • Web-based Risks: The prevalence of web-based threats is highlighted, with findings that the Firewall feature was disabled on 55% of Macs, indicating a lack of basic security measures.

Based on research, here is a complete list of all the new Mac malware cases we studied and counted in 2023:

Malware family% of all Mac malware
Adware36.77
PUA35.24
Trojan17.96
Exploit4.40
Ransomware2.00
Downloader0.92
Hacktool0.67
Coinminer0.64
Certificate0.64
Dropper0.56
Infostealer0.25
Spyware0.23
Malware0.20
Keylogger0.04
Network0.026
Virus0.01
Rogue0.01
Hyperlink0.01

Phishing

Phishing is the greatest web danger because of its low effort and high success rate. 9% of users were phished in 2023, up 1% from 2022.

This increase in phishing instances shows attackers’ shift toward directly targeting individuals, frequently via social media, to exploit remote or hybrid workforces using personal devices for work.

 phishing is the top threat and for
good reason: minimal effort for maximum success
Phishing is the top threat, and for good reason: minimal effort for maximum success (Source: Jamf)

According to the survey, mobile devices were 50% more effective for phishing attempts than Macs, emphasizing the need for enterprises to improve data security and educate users.

Cryptojacking

Cryptojacking affects 1% of devices and 9% of companies, making it a significant danger. Cryptojacking, initially warned of in 2011, increased 399% in the first half of 2023 to 332.3 million instances.

Threat actors now profit from cryptojacking, not only resource theft. According to the paper, Jamf Threat Labs discovered cryptojacking malware in pirated macOS software, indicating its pervasiveness and the importance of enterprises taking it seriously.

To combat these threats, the report recommends adopting industry best practices such as using integrated management and security products, hardening endpoints, keeping operating systems and applications up-to-date, and implementing multi-layered, defense-in-depth protections.

These practices are essential for managing threat exposure and enhancing organizations’ overall security posture.

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are extremely harmful, can wreak havoc, and damage your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Divya is a Senior Journalist at Cyber Security news covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.