Malware on the Mac: Security researchers warn of new trends
A new report on malware on the Mac paints a gloomy picture. AI chatbots and malware-as-a-service have encouraged a negative development.
(Image: WeDesing / Shutterstock.com)
Artificial intelligence and a growing cybercriminal service business are said to have significantly tightened the security situation on the Mac in recent months. This is the conclusion of an annual cybersecurity report by Moonlock Lab, a laboratory specializing in the detection of new malware and system vulnerabilities run by the Ukrainian software company MacPaw, which develops antivirus software, among other things.
According to the report, AI chatbots such as ChatGPT enable even people without any programming knowledge to develop malware. Among other things, screenshots from the darknet are shown as evidence, where a user used the OpenAI chatbot to program malware that steals cryptocurrency from a Mac. Until now, according to the authors of the report, the necessary programming skills were a hurdle that criminals first had to overcome on the way to creating their own malware. Now we are seeing a decentralization of cybercrime, which is a cause for concern.
Malware as a service
There is also a trend for those with programming skills to offer their malware as a service. Malware-as-a-Service (MaaS) is already being offered for prices of around 1500 US dollars per month, while the development of malware by others has so far cost tens of thousands of euros. In addition, there is more and more competition, which further depresses prices. Meanwhile, the developers of such malware have found a way to generate revenue without having to get their fingers dirty.
With a share of 73 percent, adware – i.e. software that displays unwanted advertising – dominates the malware statistics for the Mac, reports Moonlab from its surveys. The fastest development was observed in the area of data theft. Ransomware was only recorded in 0.01 percent of the detections of the antivirus software on devices of private users.
Humans are the biggest vulnerability
The biggest weak point is the human being. So-called social engineering, in which people are tricked into doing something or giving something away, is the main method of attack observed. Consequently, the familiar recommendations for behavior apply, including particular caution with downloads from unknown sources and skepticism with apparent system dialogs that ask for passwords. Users should also keep their systems as up-to-date as possible.
Empfohlener redaktioneller Inhalt
Mit Ihrer Zustimmmung wird hier ein externer Preisvergleich (heise Preisvergleich) geladen.
Ich bin damit einverstanden, dass mir externe Inhalte angezeigt werden. Damit können personenbezogene Daten an Drittplattformen (heise Preisvergleich) übermittelt werden. Mehr dazu in unserer Datenschutzerklärung.
(mki)