macOS Under Attack: Examining the Growing Threat and User Perspectives
25.7.23  Apple  The Hacker News

As the number of people using macOS keeps going up, so does the desire of hackers to take advantage of flaws in Apple's operating system.

What Are the Rising Threats to macOS?#
There is a common misconception among macOS fans that Apple devices are immune to hacking and malware infection. However, users have been facing more and more dangers recently. Inventive attackers are specifically targeting Mac systems, as seen with the "Geacon" Cobalt Strike tool attack. This tool enables them to perform malicious actions such as data theft, privilege elevation, and remote device control, placing the security and privacy of Mac users at grave risk.

Earlier this year, researchers also uncovered the MacStealer malware, which also stole sensitive data from Apple users. Documents, iCloud keychain data, browser cookies, credit card credentials – nothing is safe from the prying eyes.

But that's not all. CloudMensis is malicious software that specifically targets macOS systems, spreading through email attachments and compromising device security. It can steal sensitive information and grant unauthorized access to users' systems. JockerSpy, on the other hand, can infiltrate a system through deceptive websites or bundled with seemingly harmless software. Once installed, it can monitor users' activities, capture keystrokes, and access personal data.

Even state-sponsored hacking organizations, like the North Korean Lazarus Group, have started targeting Apple Macs. Do you think this was a wake-up call for many Apple users who thought their devices were immune to getting attacked?

Mac Security Survey 2023: User Awareness and Behavior#
To understand the state of cybersecurity on the Mac, the Moonlock team, a dedicated group of MacPaw's researchers and engineers focused on the cybersecurity needs of Mac users, conducted a survey. From their fears and concerns to their behaviors and misconceptions, here's how Mac users are navigating the increasingly complex security landscape:

Cybersecurity Myths are Still Alive#
macOS Under Attack
Despite the growing risks, many Mac users still take their cybersecurity lightly. Just think about it, Moonlock's Mac Security Survey 2023 reveals that every third Mac user believes their data is of no interest to cybercriminals. 57% of Mac users either agree or hesitate to disagree with the statement, "Malware does not exist on macOS."

Awareness is High, but Risky Behaviors Abound#
macOS Under Attack
The truth is many Mac users have already fallen victim to attacks. More than 50% of respondents have experienced malware, hacking, or fraud personally or in their closest environment. 69% of them have personally faced at least one of these threats:

Malware, viruses
Hacking accounts, stealing passwords
Scam
Collection of personal data from browsers and social networks
Breach of personal data
Phishing
Violation of online payment security
Identity theft (including SSN theft)
Access to correspondence and private files.
This shows how vulnerable macOS is and highlights the need for stronger security.

Despite threats, 22% of Mac users have the same password for multiple accounts, and 31% skip software updates. At the same time, 45% feel that they don't do enough to protect themselves from cyber threats.

There's a Lack of Clarity About Security Tools#
macOS Under Attack
When it comes to digital security, there seems to be a lack of clarity around the use of security tools. Did you know that 11% of respondents who say they use a password manager actually store their passwords in their browsers? And interestingly, 35% of self-reported secure browser users consider Safari and Google Chrome to be safe options.

There's Also a Lack of Reliable Info #
macOS Under Attack
According to Moonlock's research, 52% of Mac users actually want to talk to experts about how to stay safe online. However, 30% of users struggle to find reliable sources of information on the topic.

It is critical that Mac users remain vigilant, make cybersecurity a priority, and stay informed about the evolving threat landscape. By raising awareness and promoting proactive security measures, we can strengthen the protection of our Mac systems and safeguard our digital lives.