Mac Malware Makes the Leap to Automated Exploit Packs

Online attacks targeting Apple’s Mac operating system are on the rise, according to Seth Hardy, a senior security analyst at The University of Toronto's Citizen Lab. Apple has recently taken steps to counter cybercriminals by disabling Java applet support for Safari in OS X.

In releasing a software update that disabled Java applets for OS X, Apple instructed users of its Macintosh computers to download the applet manually directly from Oracle, should they need to use it. The reason? Security.

Senior Security Analyst at The University of Toronto's Citizen Lab, Seth Hardy says that his team of researchers has noticed a significant spike in malware that targets Macs in the last year.

According to IT World citing the analyst, Mac-based attacks have officially made the leap to automated exploit packs, which makes unprotected Mac systems more prone to attacks, just like in the Windows world.

Hardy’s team is now tracking at least four distinct branches of Mac-focused malware that are being actively developed for use in targeted attacks against human rights organizations, according to the report.

New variants are said to emerge on a regular basis. A branch called Davinci seems to be “a gray ware Mac surveillance software package developed for the law enforcement community,” according to the report.

Hardy advises organizations or individuals who believe that Macs are immune to malware to think again.

“If the target is there and valuable enough and they use Mac, the tools (to compromise the target) exist and will be used,” he said.

Mac-centric malware has been picking up steam over the past few years, which prompted Apple to release ever-more sophisticated countering measures to thwart cybercriminals’ attacks.

Apple’s latest major attempt to combat malware on the Mac has been the introduction of Gatekeeper in OS X 10.8 Mountain Lion.

Included in the Security & Privacy tab in Mountain Lion’s System Preferences, the module allows users to select one of three methods of installing software on their computers. The default setting only trusts programs from the Apple-curated Mac App Store and “identified developers.”