New research from Symantec says that threats targeting Apple products have spiked in the past 18 months. The number of new Mac OS X threats rose by 15 percent in 2014, while the number of iOS threats discovered this year has more than doubled, from three in 2014 to seven so far in 2015.
Jailbroken devices are the focus of the majority of threats and, of the 13 iOS threats documented by Symantec to date, nine can only infect jailbroken devices.
“While the total number of threats targeting Apple devices remains quite low compared to Windows in the desktop space and Android in the mobile sector, Apple users cannot be complacent,” says Dick O’Brien of Symantec. “Should Apple platforms continue to increase in popularity, the number of cybersecurity threats facing Apple users will likely grow in parallel.”
As outlined in a new Symantec whitepaper, threats affecting Apple devices range from ordinary cybercrime gangs branching out and porting their threats to Apple platforms, right up to high level attacker groups developing custom Mac OS X and iOS malware. Examples of the latter include the Butterfly corporate espionage group infecting OS X computers in targeted organizations and the Operation Pawnstorm APT group creating malware capable of infecting iOS devices.
Symantec says that the number of new OS X threats emerging is increasing year-on-year, rising by 15 percent in 2014. This followed an increase of 44 percent in 2013 and an increase of 29 percent in 2012. The number of unique OS X computers infected with malware in the first nine months of 2015 alone was seven times higher than in all of 2014, according to Symantec.
“While the number of infections on OS X computers has increased dramatically over the past year, a significant amount of this spike has been accounted for by grayware, such as adware, potentially unwanted or misleading applications,” says O’Brien. “While these grayware infections accounted for much of the surge in infections between June 2014 and March 2015, recent months have seen a significant uptick in infections involving other forms of malware.”
The number of iOS malware threats discovered to date remains quite small, although it is beginning to increase, with seven new threats discovered to date in 2015, up from the previous high of three in 2014. Attackers targeting the operating system need to find a way to install malware on a device, which can represent a significant hurdle.
Many threats are installed when the target connects their device to a compromised desktop computer. Jailbroken devices present more opportunities for compromise and many threats are designed to take advantage of jailbroken phones. Of the 13 iOS threats documented by Symantec to date, nine can only infect jailbroken devices.
Symantec says the overall number of new OS X vulnerabilities emerging has remained relatively steady in recent years, at a rate of between 39 and 70 per year. In most years, the number of new OS X vulnerabilities has been lower than the number of Windows vulnerabilities found. The greater numbers of Windows vulnerabilities may be reflective of the larger market share that the Microsoft operating system enjoys, prompting a greater level of scrutiny from attackers and security researchers.
Meanwhile, the amount of IOS vulnerabilities being found annually has trended upwards over the past four years. Between 2011 and 2014, the amount of vulnerabilities affecting iOS has exceeded those that were documented for its main competitor, Google’s Android, according to Symantec. That trend has reversed in 2015 as so far, new Android vulnerabilities have outpaced iOS.
However, security researchers have begun to focus on vulnerabilities in Apple software and have uncovered a number of high-profile flaws in the last year. Zero-day brokers have begun offering bounties for Apple vulnerabilities, with US$1 million paid recently for a jailbreak of iOS 9.1. This is sure to add more impetus to researchers who are interested in looking at Apple systems for vulnerabilities, according to Symantec.
To keep things safe on your OS X and iOS devices, Symantec says you should:
- Use a robust security suite and keep it updated.
- Keep your operating system and all other software up-to-date. Software updates frequently include patches to newly discovered security vulnerabilities that could be exploited by attackers.
- If you’re considering jailbreaking an iOS device, exercise caution and educate yourself on the risks you may be exposed to. The majority of iOS threats target jailbroken devices and unofficial app stores are more likely to host Trojanized apps.
- Only install software from reputable sources. Some third-party OS X app stores have been found to host Trojanized software. Grayware, such as adware, and potentially unwanted or misleading applications are often bundled with installers for other applications.
- Delete any suspicious-looking emails you receive, especially if they include links and/or attachments. Don’t even open them, just delete them. If they purport to come from legitimate organizations, verify with the organization in question first.