Latest macOS High Sierra update is now available with the US technology firm releasing this major upgrade earlier this week. High Sierra is packed with improvements and new features including a refresh of the Photos app, Mail and Safari web browser. High Sierra also offers a boost to performance and memory of MacBooks and iMacs with a new file system able to duplicate files without using vital disk space. But there is also another major reason to hit the download button.
According to new research by Duo Security, Apple’s computers are at risk of attack due to core software being outdated. In fact, Duo Security says they found that of 74,000 Macs they tested, over four per cent ran insecure versions of software that springs into life when a computer is first switched on. The problems appear to arise from something called extensible firmware interface (EFI) which is currently used by Apple’s computers. 'It's the first bit of code that runs when you press the power button,' said Rich Smith, Duo's director of security. When Duo Security tested a number of Macs it found that the EFI wasn’t being updated leaving it out of date and open to attack from hackers. Apple has responded by saying it “appreciated' Duo’s work in highlighting the issues. In a statement the US technology giant said: 'Apple continues to work diligently in the area of firmware security, and we´re always exploring ways to make our systems even more secure.'
'In order to provide a safer and more secure experience in this area, macOS High Sierra automatically validates Mac firmware weekly.' It's worth noting that EFI attacks on the general public are not something that are currently commonplace with Duo confirming, 'Thankfully, as far as we are aware, there are not any EFI exploits that are being used as part of commodity exploit kits, malware, or ransomware that has been detected in the wild.' 'There are easier, cheaper, and arguably more effective ways in which attackers can target home users.' However, anyone who hasn't downloaded the free macOS High Sierra update should consider doing so as soon as possible as this offers the best protection against attack.
Mac users are often told that they don’t need antivirus software because there are no Mac viruses. However, this is not true at all, as Macs are affected by malware, and have been for most of their existence. Even the first well-known virus—Elk Cloner—affected Apple computers rather than MS-DOS computers. In 2018, has evolved, with more and more threats targeting these so-called impervious machines. OSX.MaMi We have already seen four new Mac threats appear. The first of these, OSX.MaMi, was by someone who had had his DNS settings changed and was unable to change them back. The malware that was discovered on his system acted to change these settings and ensure that they remained changed.
Current Mac Viruses
Additionally, it installed a new trusted root certificate in the keychain. These two actions are highly dangerous. By redirecting the computer’s DNS lookups to a malicious server, the hackers behind this malware could direct traffic to legitimate sites, such as bank sites, Amazon, and Apple’s iCloud/Apple ID services, to malicious phishing sites. The addition of a new certificate could be used to perform a, making these phishing sites appear to be legitimate.
Do Mac Computers Get Viruses
Thus, OSX.MaMi was likely interested in using phishing sites to steal credentials, although we don’t know what sites were targeted. Dark Caracal The second malware, called, was discovered by Lookout via research into nation-state malware. Their report mentioned a new cross-platform (remote access Trojan, aka a backdoor), which it called CrossRAT, which is capable of infecting Macs, among other systems. Written in Java, this malware provided some basic remote backdoor access to infected Mac systems. Dark Caracal was only a version 0.1, indicating that it is probably in an early stage of development. Although Macs no longer come with Java preinstalled—and haven’t for years—it’s important to keep in mind that nation-state malware is often crafted and used with some knowledge of its targets in mind.
The intend targets may have had reason to install Java, or it may have been installed via physical (or some other) access by a hacker targeting specific individuals. OSX.CreativeUpdate The third piece of malware was named, and was originally discovered through a supply chain attack involving the MacUpdate website. The MacUpdate website was hacked, and the download links for some popular Mac apps, including Firefox, were replaced with malicious links. These kinds of supply chain attacks are particularly dangerous, even capable of infecting savvy members of the development and security community, as was documented by Panic, Inc.
Check Mac For Viruses
Users who downloaded the affected apps from MacUpdate ended up with malicious lookalike apps. These apps would install malware on the system, then open the original app, which was bundled inside the malicious app, to make it appear normal. This helped cover up the fact that something shady was going on. The malware, once installed, used the computer’s CPU to called Monero (similar to Bitcoin). This would result in the computer slowing down and the fans starting to run at high speed. These behaviors have a number of negative impacts: significant hits on the performance of the computer, reduced battery life, increased usage of electricity, and even potential for overheating the computer and damaging the hardware (especially if the fans were not working at peak capacity or the vents were clogged with dust). OSX.Coldroot And finally, the fourth and most recent piece of malware, called, was a generic that provided all the usual access to the system that a typical backdoor does.
However, some aspects of its installation fail on modern systems such as macOS 10.11, aka El Capitan, or later. And bugs in its development cause it to fail entirely on other systems. This backdoor didn’t seem like much of a threat, but could still be dangerous on the right OS. Increasing volume of Mac malware Mac malware saw an increase of over 270 percent between 2016 and 2017. Last year, we saw the appearance of many new backdoors, such as the now infamous Fruitfly malware., Fruitfly was used by an Ohio man to capture personal data and was even used to generate child pornography. And yet, the biggest problem for Mac continues to be the rising threat of and potentially unwanted programs.
These kinds of threats have become pervasive in the last few years, even invading the Mac App Store to the degree that certain classes of software—such as antivirus or anti-adware software—in the App Store are almost entirely PUPs and cannot be trusted. Unfortunately, many Mac users still have serious misperceptions about the security of macOS. Some will still tell people that “,” hiding the truth behind a technicality that no Mac malware quite fits the strict definition of what it means to be a “virus.” Others are under the mistaken belief that Macs are invulnerable, saying things like, “Macs are sandboxed, so they can’t be infected.” In this environment, the average Mac user has no effective protection to prevent them from being infected with malware, much less the far more common threats posed by adware and PUPs.
Worse, because they believe that there are no threats, they often do not exercise the same caution online that they would on a Windows machine. Apple’s macOS includes some good security features that are helpful, but new malware easily bypasses them. In addition, they still don’t address the adware and PUP problem at all. Because of this, macOS cannot and should not be considered bulletproof. We know that not everyone wants to run antivirus software on their Macs, but if you’re looking for additional protection, can help.
Business users can get a similar level of protection from as well.