Based on research across established dark web forums, threat actors are targeting macOS, with exploits trading for millions of dollars

  • roofuskit@kbin.social
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    Apple used to brag about how Macs didn’t get viruses. I used to laugh because it wasn’t that they were that much more secur but because their market share was too small to be a profitable target.

    Now they’ve cultivated the perfect target user base. A large collection of tech ignorant or adverse people who have lots of money to burn.

    • 🦘min0nim🦘@aussie.zone
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Well, they were significantly more secure by default than Windows due to various design measures including the separation of user land. And old OS9 was friggin brilliant for a web facing machine back in the day.

      • argv_minus_one@beehaw.org
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        OS9 ran absolutely everything with full privileges. It was not even remotely secure. It was basically Windows 95-level security.

    • abhibeckert@beehaw.org
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      1 year ago

      When did Apple brag about that? All I can think of is a brief ad campaign where the “PC Guy” had a cold. That’s hardly a claim that Macs have perfect security.

      Apple has, in fact, gone on the record as saying they don’t think the Mac is secure enough, and that’s why iOS is locked down as tight as it is.

  • interolivary@beehaw.org
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Welp, maybe I’ll finally have to get around to installing some sort of anti-virus/malware software after 20 years of macOS and/or Linux. At least the system architecture isn’t quite as much of a dumpster fire as Windows’ is, but nothing is invulnerable when there’s enough incentive

    • meseek #2982@lemmy.ca
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 year ago

      Naw. This is just FUD. I mean it’s coming from Accenture ffs.

      Keep calm and keep computing.

      • interolivary@beehaw.org
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        Yeah I’m not exactly in a hurry here, but more widespread malware is still just a question of incentive. macOS isn’t invulnerable, it’s just mainly been a smaller and less easy target so it’s not gotten the same sort of attention as Windows

        • meseek #2982@lemmy.ca
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          1 year ago

          Every software has holes. Not saying macOS is bullet proof. But it’s much harder to infect thanks to its Unix core and the fact the entire OS is on a read only partition. That with their own anti malware tool (Gatekeeper) that took on a much more active roll in macOS’s defenses come Ventura.

          I’m far more worried Apple replaces macOS or closes it just like all their other OSes and we end up bouncing between jailbreaks.

    • The Doctor@beehaw.org
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      More and more, companies are giving their sysadmins and coders Macbooks rather than Wintel laptops. It’s been an upward trend in last eight or nine years. I’ve always thought it was to head 'em off at the pass so they won’t install un-remotely managed and un-monitored Linux distros on company equipment. At any rate, a lot of proprietary stuff winds up on corporate Macbooks, which means targets worth going after. As for availability of exploits for OSX, folks have been hoarding them for this kind of situation. These days, you wait for an optimum target environment before you unleash your 0-days.

      • Kazumara@feddit.de
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        1 year ago

        I’ve always thought it was to head 'em off at the pass so they won’t install un-remotely managed and un-monitored Linux distros on company equipment.

        For me it’s not working. Every day of having to use macOS drives me closer to doing this. It’s such a fucking annoying system, even after 2.5 years :-D

    • It may not even be that much of a real increase. The “1000%” increase chart in the article doesn’t have any y-axis label, which is suspicious. Plus percent increases from a small absolute starting point are misleading.

      Skimming article, it looks like increase is in dark web posts about MacOS zero days and CVEs rather than actual successful attacks.

  • crow@beehaw.org
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    1 year ago

    The trick is to use an operating system so niche and different that no one is prepared to hack it.

    • The Doctor@beehaw.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I know a couple of greybeards who’re building a SCO UNIX virtual machine to troll skiddies. I wonder if they’re going to sneak it onto the network at hacker summer camp.

      • mobyduck648@beehaw.org
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        1 year ago

        I practice security through obsolescence instead, all my data is stored on 3 1/2” floppies and if I need to send someone a voice message I post it on a cassette.