In record time, Apple releases security update for macOS High Sierra

Increased number of malware for Macs worries experts


Apple platforms are, in general, very secure by design, which has remained the Mac's competitive advantage over Windows for years. But the popularity of Ma's computers also contributed to the number of existing threats increasing, especially in 2015.

A study recently released by Bit9 + Carbon Black pointed to an explosion in the number of instances of malicious software for OS X, in the last 12 months. According to the document released by security experts, 948 malware instances were identified in 2015, while the sum of the detections between 2010 and 2015 does not reach 20% of that number.

In the same period, Apple brought security improvements to OS X in several areas. The most obvious one is Gatekeeper, which has recently been subject to possibilities of being circumvented by malware. In El Capitan, operating system integrity protection is enabled by default and prevents applications from working with sensitive UNIX areas and other components, closing off attack vectors.

The numbers are noteworthy, as the Mac gradually becomes a definite option of choice in various market segments. Apple has made a huge effort to attract companies that have adopted iOS over the past few years, many of them located in the United States. In its last count released in 2013, OS X has 86 million active users worldwide; analysts believe the company will reach the 100 million mark in 2016.

On the other hand, the growing adoption of Macs in companies calls for caution with the security risks of users that were recent highlights, such as the XcodeGhost. Although the large number of apps affected by the iOS malware came from the Chinese market, FireEye claims to have identified 210 corporate applications being distributed in the U.S. that were distributed with a similar and adulterated version of Xcode.

Corporate apps infected by XcodeGhost S

Most of these products (65%) were found in educational companies, but samples were also found in high-tech companies (13%), industries (4%) and even operators (2%). The use of XcodeGhost even allowed recent technologies created by Apple to be broken on iOS 9, including App Transport Security (ATS), for protecting communications client-server.

Like many competitors in the industry, FireEye claims to be able to identify and block these malware samples using its tools, but Apple does not provide details on how it is working to keep them away from the App Store.

(tip from Lo Prado, via Link Estado and PCWorld)