The increasing popularity of Apple devices in recent years has led to cybercriminals taking more and more interest in the OS X and iOS operating systems. This puts users’ data and privacy – as well as their money – under threat.
A joint study by Kaspersky Lab and B2B International found that one in four Mac desktop users encountered a malware programme in the past year. The study also indicated that 21% of these cyber-attacks lead to financial losses, including the costs of buying software to restore the system or hiring IT specialists to disinfect the machine.
Wirelurker, a recently-detected Trojan, is a vivid example of malware specifically designed to target Apple users. In the 6 months prior to its detection it was downloaded 356,000+ times from an alternative app store, so it could have infected a significant number of computers. Wirelurker is unique in that it exploited a hitherto-unknown vulnerability to spread to any Apple iOS devices that were connected to an infected computer. The Trojan could even infect devices that had not been ‘jail-broken’, opened up to download apps from third-party sources. The net result was that users of OS X, an operating system believed to be safe from malware, inadvertently infected devices running under iOS.
However, viruses and other types of malware are not the only threats to users of Mac devices. Network attacks and online fraud, for example, do not need to install any malicious software on a victim’s device. Phishing is one of these threats. Interestingly, the percentage of OS X users who encountered financial threats is even higher than for users in general. 51% of users with OS X computers said they encountered financial threats within the past year; for users in general the figure is 43%. These statistics are supported by data from Kaspersky Security Network: of all OS X phishing attacks detected by Kaspersky Lab over the period from November 2013 through October 2014, 44% aimed at stealing financial data. In other environments, the share of financial fishing is 26%.
OS X users should also remain alert to other cross-platform threats, such as vulnerabilities in the software installed on their devices. For example, the ShellShock vulnerability published in September 2014 potentially allows a cybercriminal to execute any code, including malicious code, on a computer. However, if cybercriminals discover these security loopholes before anyone else they have a window of opportunity where they can exploit the vulnerability for malicious ends before the manufacturer of the OS can fix the problem.
In other words, no system can be considered entirely secure from cyberthreats; therefore, extra tools are needed to ensure online security. Kaspersky Internet Security for Mac, integrated into Kaspersky Internet Security — multi-device 2015, effectively protects against malware, blocks network and phishing attacks.