There was a time when viruses and malware for Apple products were few and far between. Across many tech forums, whenever there’s some news about something wrong with Windows, users would evangelize about how great their Macs and Linux boxes are, especially when it comes to viruses and malware. Windows is in every virus and malware author’s crosshairs because everybody uses it. Most businesses run on some version of Windows. Where there’s business, there’s money, and where there’s mischief to be done, the more infected the merrier.
Steve Jobs used to refer to Apple’s computers as “computers for the rest of us”, the “rest of us” being consumers while everyone else was business folk. Down the line, when Windows PCs broke out and Jobs was kicked out, “rest of us” meant Apple’s dwindling fan base. But now, the “rest of us” continue to increase as Wintel PCs continue to go down, replaced by tablets and phones run by Android or iOS. MacBooks and Mac Pros are steadily becoming popular as Windows alternatives. So the term “rest of us” increasingly applies to consumers using Windows. In short, there’s a growing role reversal and malware authors are now targeting Apple products. The Apple tree has grown and now it’s time to chuck rocks at it. Reports of malware for Macs and iOS devices continue to increase, and security software companies might not be able to keep up. But at least for them, it’s good news. It’s a way for them to recover from low PC sales. For many Apple users, it’s dangerous, unfamiliar territory.
For starters, iOS is a platform practically devoid of malware due to Apple’s walled garden system, which protects users from malware since apps sent to the App Store are curated by Apple. The only Apple iPhones and iPads prone to malware are those that were jailbroken. However, news came out in September 2015 of a malware called XcodeGhost, which is basically a modified version of Apple’s Xcode SDK. About 4000 apps, mostly from China, made with this SDK were uploaded to the App Store. Infected apps would then collect device and network information, send it back to the culprits and also hijack specific URLs.
Now we have a new and terrifying piece of malware called KeRanger that targets Macs. KeRanger is ransomware, a type of malware that will hold your system or data hostage using methods like encryption. Unless the user coughs up some money (often untraceable bitcoins) to an account set up by the malware author, the user has no choice but to reformat the computer and restore from backup, if any. KeRanger came out just this March 2016. Users using the Transmission BitTorrent client are susceptible to this ransomware. KeRanger is said to be a port of the Linux.Encoder malware that targets Linux servers.
Again for iOS, there’s AceDeceiver, which has the potential to infect millions of iPhones and iPads. This malware gets into devices through flaws in Apple’s FairPlay, the company’s system that protects apps from being stolen from the App Store. This malware, therefore, can also affect non-jailbroken devices. True to its name, it tricks users into entering their Apple ID and password, which are then sent to the attackers, who thus gain access to the user’s data. This malware is acquired when users download a Windows program called Aisi Helper which, like iTunes, allows for backup, cleaning, device management and jailbreaking. AceDeceiver gets loaded onto the device and the phishing begins.
It’s often news when iOS or Mac OS X gets a new dose of viruses or malware. It’s just another day for millions of Windows users unless the virus gets really viral. But the gaps between Apple malware releases keep getting shorter. It may be time for Apple and Apple users to again “think different” and start thinking about more security.