fva-630-skull-and-crossbones-computer-virus-hacking-credit-shutterstock-630w Compared to Windows PCs, Apple’s Mac computers have always been relatively virus free. However, a recent security attack has proved this is no longer true.

March 2016 saw a significant attack on Mac users which involved hijacking the Transmission BitTorrent app in order to deliver ransomware to its victims. It sounds like your stereotypical Windows attack, but why is it now happening to Macs? After all, the general consensus has been that they’re immune from viruses.

Seeing as Macs are very important to a huge number of businesses, I’m going to investigate this latest attack to analyze how it occurred and what it means for Mac users.

The Nature of the Mac Ransomware

computer-viruses

The unknown attackers used ransomware in their attack against Apple users and it’s a type of cyber-attack which is becoming increasingly popular. In this instance, the hackers were able to gain access to users’ systems through the Transmission BitTorrent app. This allowed the hackers to download malicious software onto the Macs. This software literally held the Mac users to ransom by encrypting their files and demanding $400 to release them.

How Did Apple’s Guard Drop?

For a very long time, Apple users were confident that Macs were safe from cyber-attacks. And for a long time this was generally true. This, however, wasn’t down to cutting edge security technology.

The truth is that hackers didn’t have much interest in targeting an Apple Mac. The reason for this is that Apple has a much smaller share of the market than Windows PCs. Why would a hacker want to spend their time writing software which could only target a small number of users?

This fact perhaps led to a sense of complacency on Apple’s part, so they weren’t expecting vulnerabilities in their operating system to be exploited so easily. Unfortunately, Apple’s Gatekeeper security software has, itself, been shown to contain numerous back doors through which hackers can cause chaos.

One of the main routes into Apple’s system is by tricking it to accept pre-approved developer certificates which have been faked. This allows users to download software which isn’t produced by who it says it is and, therefore, can’t be trusted. And this is exactly what happened with the Transmission BitTorrent app.

The Future for Apple Security

mac-shield

This recent attack is not the first security scandal to hit Apple. In 2014, there were around  10,000  – 70,000 attacks on Mac computers per month, but this rose dramatically in 2015 and is set to multiply significantly in 2016.

These figures are very startling for Apple, so it’s crucial that they take a look at Microsoft’s approach to internet security. Due to their dominance of the computer market, Microsoft has had to ensure their PCs are resistant to attacks. Steps taken have included:

  • Working with hackers to understand how they have attacked Windows
  • Offering cash rewards to anyone who finds new security flaws in Windows

It’s essential that Apple take a long hard look at their Gatekeeper software and evaluate how it can be improved. If they don’t they stand to alienate their customers if ransomware attacks continue.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


trouver-et-suprimer-malware-keyraider-infoidevice

Users running Apple’s iOS software may have been exposed to a nasty piece of malware which threatens to steal user data and make unauthorized app purchases.

This malicious software has been dubbed ‘KeyRaider’ and has been responsible for uploading sensitive user information to a central server. This type of data theft is alarming enough, but affected users are also having to contend with KeyRaider purchasing apps without authorization.

The KeyRaider infection, so far, only appears to affect Apple devices which have gone through the ‘jailbreak’ process, but up to 225,000 accounts have been compromised as a result.

How did KeyRaider Start?

Jailbreaking an Apple device involves removing hardware restrictions enforced by iOS and is a fairly common practice for Apple users who are tech savvy. The aim of jailbreaking is to give more control over how the device runs and to enhance functionality.

9544245659_899baface2_z

Now, a whole industry has sprung up around jailbreaking in order to really highlight what an Apple device can do and to show off developers’ coding skills. And at least one amateur developer has decided to exploit this desire by creating jailbreak tweaks which hide a nasty surprise.

Once these tweaks are installed on an Apple device the system becomes compromised and puts the user at risk of a serious infringement of their security.

The Malicious Tweaks in Full

Two jailbreak tweaks in particular have been identified for putting users at risk of contracting the KeyRaider malware and they are:

  • iappstore – This jailbreak tweak promises to allow jailbroken devices to download paid apps from the App Store without spending a single cent.
  • iappinbuy – Many apps require users to make in-app purchases to enhance that app’s experience e.g. unlocking extra features in games. And this particular tweak pledges to circumnavigate the payment.

Despite many Apple users doubting the authenticity of these tweaks, they were downloaded over 20,000 times. And every single download puts users’ personal data at risk.

What Type of Data Is Being Stolen?

KeyRaider appears to be stealing three types of data from users under the following categories:

  • Usernames, passwords and the Apple devices ‘global unique identifier’
  • Push notification service certificates and private keys
  • App Store purchase logs

These three forms of data carry very powerful user information which is allowing KeyRaider to create high levels of panic particularly due to the financial edge.

How to Protect your Apple Device

sunset_ios_8_wallpaper-copy-1160x725

The simplest piece of advice we can give you is NOT to jailbreak your Apple device. They’re pretty amazing bits of kit as they are, so some things are better off left alone. However, I appreciate that many people want that little bit extra, so we advise the following:

  • Do NOT download the iappstore or iappinbuy app.
  • Avoid downloading anything from Cydia Substrate which is like the App Store, but for jailbroken devices – this is where the malicious tweaks first surfaced.
  • If something sounds too good to be true – such as not paying for paid apps – then it probably isn’t worth installing.

By following this advice you will safeguard your Apple device from disruptive malware such as KeyRaider.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More