
Malware & Threats

Mac OS X and iOS Infections and Threats on the Rise: Symantec

The number of Mac OS X systems infected with malware during the first nine months of 2015 is seven times higher than in all of 2014, Symantec reports.


Threats against Apple’s computers have been steadily increasing over the past four years, Symantec’s Dick O’Brien noted in a recent blog post. The growth started in 2010 but began to spike in recent years, reaching 29 percent in 2012, 44 percent in 2013, and hitting 15 percent in 2014.

In 2015 to date, however, the number of newly detected Mac OS X threats has seen a decrease, despite the fact that more and more Macs are being infected. The number of infections started to increase in June of last year and peaked in March 2015, O’Brien said. After a steady decrease until July, the infections went up again in August.

According to Symantec, the increase in infections is based mainly on “grayware”, including adware and potentially unwanted or misleading applications. These grayware infections accounted for the surge between June 2014 and March 2015, but other forms of malware started to appear in the infections observed over the past few months, O’Brien says.

While grayware is highly prevalent, its infections usually have a smaller impact, unlike other forms of malware, such as backdoors, infostealers, and Trojans, which have low prevalence but very high impact. By using more sophisticated malware, attackers can gain remote access to Macs, steal sensitive information, including banking credentials, and encrypt data on infected machines and demand a ransom to decrypt it.

iOS devices are also becoming a target for cybercriminals, and 2015 marks a new high in threats discovered for the platform, although the number of such threats remains very small at just 7, Symantec said. The main issue is the fact that attackers have few methods of installing malware on iOS devices.

Some malware infects iOS devices when they are connected to compromised desktops, but attackers also target jailbroken devices, since their users have access to third-party app stores and the systems have fewer application control policies in place. According to Symantec, 9 of the 13 iOS threats it has documented to date are aimed only at jailbroken devices.


The security firm notes that jailbroken devices are at high risk when installing apps from third-party stores, as they might include backdoors or other malware. iOS devices are also vulnerable to applications coming from unverified sources, and the XcodeGhost malware designed to inject malicious code into both iOS and Mac OS X applications is proof of that.

When it comes to Mac OS X vulnerabilities, Symantec notes that the number of newly discovered ones remains steady at between 39 and 70 per year. The number of new Mac vulnerabilities is usually lower than that of new Windows ones, mainly because Microsoft’s OS has a larger market share, which makes it the primary target for both researchers and cybercriminals.

The number of iOS vulnerabilities found each year has been growing steadily, exceeding those documented for Android between 2011 and 2014. This year, however, the number of new vulnerabilities discovered for Android has exceeded those found on iOS. Security researchers, however, have started to focus on iOS vulnerabilities, and recently announced $1 million bounty programs should encourage them to accelerate work on the matter.

“Although still small in terms of overall numbers, the number of new OS X and iOS threats discovered annually has been trending upwards over the past five years. Given this trend, Apple users cannot be complacent about security. Awareness of common threats combined with properly securing Apple devices should minimize the risk of infection,” O’Brien says.

To stay protected, users should install robust security suites and keep them updated, keep the operating system up to date, and avoid jailbreaking devices. They should also install applications from reputable sources only, and should not open suspicious emails or attachments they receive, to avoid falling victim to phishing attacks.
