{"id":187405,"date":"2024-02-20T13:53:07","date_gmt":"2024-02-20T13:53:07","guid":{"rendered":"https:\/\/www.techopedia.com\/?p=187405"},"modified":"2024-02-20T14:16:40","modified_gmt":"2024-02-20T14:16:40","slug":"as-macos-adoption-rises-the-malware-attacks-increase","status":"publish","type":"post","link":"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos","title":{"rendered":"As MacOS Adoption Rises, the Malware Attacks Increase"},"content":{"rendered":"<p>The days in which Mac users could assume that they were operating one of the most secure OS in the market are over. Mac malware is on the rise and becoming more dangerous. <a href=\"https:\/\/objective-see.org\/blog\/blog_0x77.html\" target=\"_blank\">Patrick Wardle<\/a>, a researcher specializing in Apple security, recently concluded that new macOS malware specimens increased roughly 100% from 2022 to 2023, with <a href=\"https:\/\/www.techopedia.com\/definition\/4337\/ransomware\">ransomware<\/a>, <a href=\"https:\/\/www.techopedia.com\/definition\/5484\/trojan-horse\">trojans<\/a>, and <a href=\"https:\/\/www.techopedia.com\/definition\/3743\/encryption-backdoor\">backdoors<\/a> being the top threats.<\/p>\n<p>Following this trend, Bitdefender recently uncovered a <a href=\"https:\/\/www.bitdefender.com\/blog\/labs\/new-macos-backdoor-written-in-rust-shows-possible-link-with-windows-ransomware-group\/\" target=\"_blank\">new backdoor that shares similarities with the criminal groups BlackBasta and ALPHV\/BlackCat<\/a>. The new malware, Trojan.MAC.RustDoor has been hiding in the shadows,, running persistent attacks for the past three months, Bitdefender says.<\/p>\n<p><a href=\"https:\/\/www.linkedin.com\/in\/bogdanbotezatu\/\" target=\"_blank\">Bogdan Botezatu<\/a>, Director of Threat Research and Reporting at Bitdefender, spoke to Techopedia to explain why Apple users are in the cross hairs of cybercriminal gangs, and how bad actors are succeeding in breaching macOS systems.<\/p>\n<blockquote><p>&#8220;Macs have unfortunately become valuable targets because of their increased penetration in the enterprise. Some cybercrime groups are now attempting to carve a niche for themselves in the Mac space to move into other ecosystems because of fierce competition in the Windows landscape.&#8221;<\/p><\/blockquote>\n<div class=\"su-note\"  style=\"border-color:#dddddd;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;\"><div class=\"su-note-inner su-u-clearfix su-u-trim\" style=\"background-color:#f7f7f7;border-color:#ffffff;color:#333333;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;\">\n<h2><span id=\"key_takeaways\">Key Takeaways<\/span><\/h2>\n<ul>\n<li>Malware on macOS is evolving from adware to the more dangerous trojans, backdoors, and stealers.<\/li>\n<li>Cybergangs such as Lazarus Group and infamous ransomware operators like BlackBasta and BlackCat are now linked to the new wave of attacks targeting macOS systems.<\/li>\n<li>Impersonating popular apps and services, software releases and OS updates, zero-day vulnerabilities, and gaps in Mac users&#8217; security awareness are the tools criminals leverage to succeed and breach into Apple territory.<\/li>\n<\/ul>\n<\/div><\/div>\n<div>\n    <section class=\"toc-sticky w-100 bg-white \">\n        <div class=\"toc-sticky__container container\">\n            <div class=\"toc-sticky__open d-flex align-items-end\" data-bs-toggle=\"collapse\"\n                 aria-controls=\"multiCollapse1\"\n                 data-bs-target=\"#multiCollapse1\">\n                <button\n                        class=\"btn btn-primary collapse-action-btn p-1 rounded-circle\"\n                        type=\"button\"\n                >\n                    <i class=\"icon-chevron-up\"><\/i>\n                <\/button>\n                <span id=\"toc-current-title\" class=\"d-flex align-items-center\">\n                    Table of Contents\n                <\/span>\n                <span class=\"toc-main-title-permanent\">Table of Contents<\/span>\n            <\/div>\n            <div\n                    class=\"collapse my-3\"\n                    id=\"multiCollapse1\"\n            >\n                <ol class=\"StepProgress\">\n                                                                        <li class=\"StepProgress-item current\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"key_takeaways\"\n                               onclick=handleScrollToTitle(\"key_takeaways\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">Key Takeaways<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"why_are_criminal_gangs_going_after_mac_users\"\n                               onclick=handleScrollToTitle(\"why_are_criminal_gangs_going_after_mac_users\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">Why Are Criminal Gangs Going After Mac Users?<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"latest_threats_on_macos\"\n                               onclick=handleScrollToTitle(\"latest_threats_on_macos\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">Latest Threats on MacOS<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"the_new_mac_rust_backdoor\"\n                               onclick=handleScrollToTitle(\"the_new_mac_rust_backdoor\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">The New Mac Rust Backdoor<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"user_error_and_hacking_tactics\"\n                               onclick=handleScrollToTitle(\"user_error_and_hacking_tactics\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">User Error and Hacking Tactics<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"signs_that_the_new_backdoor_is_linked_to_blackcat\"\n                               onclick=handleScrollToTitle(\"signs_that_the_new_backdoor_is_linked_to_blackcat\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">Signs That The New Backdoor is Linked To BlackCat<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"the_most_common_form_of_mac_trojans\"\n                               onclick=handleScrollToTitle(\"the_most_common_form_of_mac_trojans\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">The Most Common Form of Mac Trojans<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"constant_security_patches_and_zero-day_exploits\"\n                               onclick=handleScrollToTitle(\"constant_security_patches_and_zero-day_exploits\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">Constant Security Patches and Zero-Day Exploits<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"staying_safe_from_trojans_on_a_mac\"\n                               onclick=handleScrollToTitle(\"staying_safe_from_trojans_on_a_mac\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">Staying Safe from Trojans on a Mac<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                                                        <li class=\"StepProgress-item\">\n                                                <div class=\"StepProgress-item__group\">\n                            <a data-id=\"references\"\n                               onclick=handleScrollToTitle(\"references\")\n                               class=\"StepProgress-item__link\" data-level=\"2\">References<\/a>\n                                                    <\/div>\n                                                <\/li>\n                                    <\/ol>\n                <div class=\"toc-sticky__container__disperse\"><\/div>\n                <div class=\"toc-sticky__btn-top justify-content-center\">\n                    <button class=\"btn btn-link d-flex align-items-center\" onclick={btnTop()}><p>Show Full Guide<\/p><img decoding=\"async\"\n                                src=\"\/wp-content\/plugins\/table-of-contents\/assets\/images\/arrow-up-circle.svg\"\n                                alt=\"arrow-up-circle\">\n                    <\/button>\n                <\/div>\n            <\/div>\n        <\/div>\n    <\/section>\n    <div class=\"toc-sticky-list\">\n        <div class=\"toc-sticky__container container\">\n            <div class=\"toc-sticky__open d-flex align-items-end\" data-bs-toggle=\"collapse\" aria-controls=\"multiCollapse2\" data-bs-target=\"#multiCollapse2\">\n                <button class=\"btn btn-primary collapse-action-btn p-1 rounded-circle\"\n                        type=\"button\">\n                    <i class=\"icon-chevron-up up\"><\/i>\n                <\/button>\n                <span id=\"toc-current-title\" class=\"d-flex align-items-center\">\n                    Table of Contents\n                <\/span>\n            <\/div>\n            <div  class=\"collapse my-3\" id=\"multiCollapse2\">\n                <ol class=\"StepProgress\">\n                    \t\t\t\t\t \t\t\t\t\t                                                     <li class=\"StepProgress-item current \">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"key_takeaways\"\n                                   onclick=handleScrollToTitle(\"key_takeaways\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">Key Takeaways<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t                                                     <li class=\"StepProgress-item \">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"why_are_criminal_gangs_going_after_mac_users\"\n                                   onclick=handleScrollToTitle(\"why_are_criminal_gangs_going_after_mac_users\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">Why Are Criminal Gangs Going After Mac Users?<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t                                                     <li class=\"StepProgress-item \">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"latest_threats_on_macos\"\n                                   onclick=handleScrollToTitle(\"latest_threats_on_macos\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">Latest Threats on MacOS<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t\n\t\t\t\t\t\t <span class=\"show_moretoc\">Show Full Guide<\/span>\n\t\t\t\t\t\t \t\t\t\t\t \t\t\t\t\t\t  \t\t\t\t\t                                                      <li class=\"StepProgress-item ms_hidetoc\">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"the_new_mac_rust_backdoor\"\n                                   onclick=handleScrollToTitle(\"the_new_mac_rust_backdoor\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">The New Mac Rust Backdoor<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t \t\t\t\t\t\t  \t\t\t\t\t                                                      <li class=\"StepProgress-item ms_hidetoc\">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"user_error_and_hacking_tactics\"\n                                   onclick=handleScrollToTitle(\"user_error_and_hacking_tactics\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">User Error and Hacking Tactics<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t \t\t\t\t\t\t  \t\t\t\t\t                                                      <li class=\"StepProgress-item ms_hidetoc\">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"signs_that_the_new_backdoor_is_linked_to_blackcat\"\n                                   onclick=handleScrollToTitle(\"signs_that_the_new_backdoor_is_linked_to_blackcat\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">Signs That The New Backdoor is Linked To BlackCat<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t \t\t\t\t\t\t  \t\t\t\t\t                                                      <li class=\"StepProgress-item ms_hidetoc\">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"the_most_common_form_of_mac_trojans\"\n                                   onclick=handleScrollToTitle(\"the_most_common_form_of_mac_trojans\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">The Most Common Form of Mac Trojans<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t \t\t\t\t\t\t  \t\t\t\t\t                                                      <li class=\"StepProgress-item ms_hidetoc\">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"constant_security_patches_and_zero-day_exploits\"\n                                   onclick=handleScrollToTitle(\"constant_security_patches_and_zero-day_exploits\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">Constant Security Patches and Zero-Day Exploits<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t \t\t\t\t\t\t  \t\t\t\t\t                                                      <li class=\"StepProgress-item ms_hidetoc\">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"staying_safe_from_trojans_on_a_mac\"\n                                   onclick=handleScrollToTitle(\"staying_safe_from_trojans_on_a_mac\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">Staying Safe from Trojans on a Mac<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                    \t\t\t\t\t \t\t\t\t\t \t\t\t\t\t\t  \t\t\t\t\t                                                      <li class=\"StepProgress-item ms_hidetoc\">\n                                                    <div class=\"StepProgress-item__group\">\n                                <a data-id=\"references\"\n                                   onclick=handleScrollToTitle(\"references\")\n                                   class=\"StepProgress-item__link\"\n                                   data-level=\"2\">References<\/a>\n                                                            <\/div>\n                                                    <\/li>\n                                    <\/ol>\n            <\/div>\n            <div class=\"toc-sticky__container__disperse\"><\/div>\n        <\/div>\n    <\/div>\n<\/div>\n\n<script id=\"toc-js\">\n    window.addEventListener(\"DOMContentLoaded\", () => {\n        const header = document.querySelector(\".header_wrapper\");\n\n        const pageLegend = document.querySelector('#multiCollapse1');\n        const pageLegendList = document.querySelector('#multiCollapse2');\n        const pageLegendCollapse = new bootstrap.Collapse(pageLegend, {toggle: document.querySelector(\".toc-sticky\").classList.contains('sticky')});\n\n        \/**\n         * Changing current title\n         *\/\n        (function (pageLegend) {\n            const titleNodes = pageLegend.querySelectorAll('.StepProgress-item__link');\n\n            if (!titleNodes.length) return;\n\n            const titles = [...titleNodes].map((itm, i) => ({\n                id: itm.getAttribute('data-id'),\n                text: itm.textContent,\n                level: itm.getAttribute('data-level'),\n                linkNode: itm,\n                titleNode: document.getElementById(itm.getAttribute('data-id')),\n                index: i,\n            }));\n\n            \/**\n             * Source: https:\/\/www.sitepoint.com\/throttle-scroll-events\/\n             * @param {Function} fn\n             * @param {number} wait\n             * @returns {(function(): void)|*}\n             *\/\n            const throttle = (fn, wait) => {\n                let time = Date.now();\n                return function () {\n                    if ((time + wait - Date.now()) < 0) {\n                        fn();\n                        time = Date.now();\n                    }\n                }\n            }\n\n            const changeCurrentTitle = () => {\n                const documentScrollTop = window.pageYOffset || document.documentElement.scrollTop || document.body.scrollTop || 0;\n                let current = 0;\n\n                \/\/ Title\n                titles.forEach((itm, i) => {\n\t\t\t\t\/\/console.log(itm)\n                    const itmOffsetTop = itm.titleNode ? itm.titleNode.offsetTop - 100 : 0;\n\n                    if (documentScrollTop >= itmOffsetTop) {\n                        document.getElementById('toc-current-title').innerHTML = itm.text;\n                        document.getElementById('toc-current-title').setAttribute('data-current-id', itm.id);\n                        document.getElementById('toc-current-title').setAttribute('data-current-level', itm.level);\n                        current = i;\n                    }\n                })\n\n                \/\/ close all list and open sub list if needed\n                if (document.querySelector(\".toc-sticky\").classList.contains('sticky')) {\n                    document.querySelectorAll('.subList-in-progress').forEach((el) => {\n                        el.children[1].classList.remove('show');\n                        el.getElementsByClassName('icon-chevron-down')[0].classList.remove('up');\n                    });\n                    const currentEl = titles[current];\n                    currentEl.linkNode.classList.add('show');\n                }\n\n                titles.forEach((itm, i) => {\n                    itm.linkNode.parentNode.parentNode.classList.remove('current', 'is-done');\n                    if (current > i) {\n                        itm.linkNode.parentNode.parentNode.classList.add('is-done')\n                    };\n                    if (current === i) {\n                      itm.linkNode.parentNode.parentNode.classList.add('current');\n                    };\n                })\n\n            }\n\n            changeCurrentTitle();\n\n            document.addEventListener('scroll', throttle(changeCurrentTitle, 50));\n        })(pageLegend);\n\n\n        \/**\n         *  Collapse\n         *\/\n        (function (pageLegend, header) {\n            const icon = pageLegend.parentNode.querySelector(\".collapse-action-btn i\");\n\n            const collapseToggle = (status) => (e) => {\n                if (!e.target.isEqualNode(pageLegend)) return;\n\n                icon.classList.toggle(\"up\");\n\n                const containerHeight = pageLegend.getBoundingClientRect().height;\n\n                const showSubtitleContent = () => {\n                    const currentId = document.getElementById('toc-current-title').getAttribute('data-current-id');\n                    const currentLevel = document.getElementById('toc-current-title').getAttribute('data-current-level');\n                    const currentSubTitle = currentLevel == 3 ? document.querySelector(`a[data-id=\"${currentId}\"]`).parentNode.parentNode.parentNode : false;\n\n                    if (!currentSubTitle) return;\n                    new bootstrap.Collapse(currentSubTitle, {toggle: false}).show();\n                }\n\n                showSubtitleContent();\n                if (status === 'shown' && document.querySelector(\".toc-sticky\").classList.contains('sticky') ) {\n                    document.querySelector('html').classList.remove('overflow-hidden');\n                    pageLegend.classList.add('overflow-auto');\n                    pageLegend.style.height = `calc(100vh - ${header.getBoundingClientRect().height + document.querySelector('.toc-sticky__open').getBoundingClientRect().height + 16}px)`;\n                } else if (status === 'hide') {\n                    document.querySelector('html').classList.remove('overflow-hidden');\n                    pageLegend.classList.remove('overflow-auto');\n                    pageLegend.style.height = 'auto';\n                }\n            }\n\n            pageLegend.addEventListener('shown.bs.collapse', collapseToggle('shown'));\n            pageLegend.addEventListener('hide.bs.collapse', collapseToggle('hide'));\n        })(pageLegend, header);\n\n        \/**\n         * Collapse sub-titles\n         *\/\n        (function (pageLegend) {\n            const collapseEls = pageLegend.querySelectorAll('.collapse');\n\n            collapseEls.forEach(function (el) {\n\n                const toggleArrowDirection = function (e) {\n                    if (!e.target.isEqualNode(el)) return;\n\n                    const id = this.getAttribute('id');\n                    document.querySelector(`.collapse-action-btn[data-bs-target=\"#${id}\"] .icon-chevron-down`).classList.toggle('up');\n                }\n                el.addEventListener('shown.bs.collapse', toggleArrowDirection);\n                el.addEventListener('hide.bs.collapse', toggleArrowDirection);\n            })\n        })(pageLegend);\n\n        \/**\n         *  Collapse main title\n         *\/\n        (function (pageLegendList) {\n            const icon = pageLegendList.parentNode.querySelector(\".collapse-action-btn i\");\n\n            const collapseToggle = () => (e) => {\n                if (!e.target.isEqualNode(pageLegendList)) return;\n\n                icon.classList.toggle(\"up\");\n\n            }\n            pageLegendList.addEventListener('shown.bs.collapse', collapseToggle());\n            pageLegendList.addEventListener('hide.bs.collapse', collapseToggle());\n        })(pageLegendList);\n\n        (function (pageLegendList) {\n            const collapseEls = pageLegendList.querySelectorAll('.collapse');\n\n            collapseEls.forEach(function (el) {\n\n                const toggleArrowDirection = function (e) {\n                    if (!e.target.isEqualNode(el)) return;\n\n                    const id = this.getAttribute('id');\n                    document.querySelector(`.toc-sticky-list .collapse-action-btn[data-bs-target=\"#${id}\"] .icon-chevron-down`).classList.toggle('up');\n                }\n                el.addEventListener('shown.bs.collapse', toggleArrowDirection);\n                el.addEventListener('hide.bs.collapse', toggleArrowDirection);\n            })\n        })(pageLegendList);\n\n        \/**\n         * Sticky functionality\n         * Source: https:\/\/stackoverflow.com\/questions\/17893771\/javascript-sticky-div-after-scroll\n         *\/\n        (function (header, pageLegendCollapse) {\n            \/\/ set everything outside the onscroll event (less work per scroll)\n            const target = document.querySelector(\".toc-sticky\");\n            const targetListStatic = document.querySelector(\".toc-sticky-list\");\n\n            if (!target || !header) return;\n\n            const headerHeight = header.getBoundingClientRect().height;\n            const targetHeight = targetListStatic.getBoundingClientRect().height;\n\n            \/\/ -headerHeight so it won't be jumpy\n            const stop = targetListStatic.offsetTop + headerHeight + targetHeight;\n            const docBody =\n                document.documentElement || document.body.parentNode || document.body;\n            const hasOffset = window.pageYOffset !== undefined;\n\n            const applySticky = function () {\n                \/\/ cross-browser compatible scrollTop.\n                const scrollTop = hasOffset ? window.pageYOffset : docBody.scrollTop;\n\n                \/\/ if user scrolls to headerHeight from the top of the target div\n                if (scrollTop >= stop) {\n                    pageLegendCollapse.hide();\n                    \/\/ stick the div\n                    target.classList.add(\"sticky\");\n                    \/\/target.style.marginTop = `${headerHeight}px`;\n                } else {\n                    pageLegendCollapse.show();\n                    \/\/ release the div\n                    target.classList.remove(\"sticky\");\n                    target.style.marginTop = \"\";\n                }\n            }\n\n            applySticky();\n\n            window.addEventListener('scroll', applySticky);\n        })(header, pageLegendCollapse);\n\tjQuery('span.show_moretoc').click(function(){\n\t\tjQuery('span.show_moretoc').hide();\n\t   jQuery('.ms_hidetoc').show();\n\t});\n    });\n\n    \/\/ When the user clicks on the button, scroll to the top of the document\n    function btnTop() {\n        const pageLegend = document.querySelector('#multiCollapse1');\n        document.querySelector('html').classList.remove('overflow-hidden');\n        pageLegend.classList.remove('overflow-auto');\n        pageLegend.style.height = 'auto';\n        window.scrollTo({\n            top: 0,\n            behavior: 'smooth'\n        });\n    }\n\n    const handleScrollToTitle = (id) => {\n        const el = document.getElementById(id);\n        const headerHeightDifference = window.innerWidth < 992 ? -30 : -15;\n        window.scrollTo({\n            top: el.offsetTop - 60 - headerHeightDifference - 10,\n        });\n    }\n<\/script>\n\n<h2><span id=\"why_are_criminal_gangs_going_after_mac_users\">Why Are Criminal Gangs Going After Mac Users?<\/span><\/h2>\n<p>Historically, the majority of malware has been mostly designed and coded to attack Windows OS. The reason for this is quite simple. Windows OS has been the most popular system in the world, holding above 70% of the global market share since 2013, as <a href=\"https:\/\/www.statista.com\/statistics\/218089\/global-market-share-of-windows-7\/\" target=\"_blank\">Statista<\/a> reports. But over the same period, macOS adoption began to rise, especially in enterprises \u2014 where surveys suggest <a href=\"https:\/\/9to5mac.com\/2024\/02\/17\/it-trends-report-reveals-apples-enterprise-growth-will-continue\/\" target=\"_blank\">22.4% of enterprise devices are MacOS<\/a>.<\/p>\n<p>Additionally, other factors are in play. Apple products have a mysticism about them. For example, Business Live research shows that more than half of those surveyed consider Apple devices &#8220;<a href=\"https:\/\/www.businesslive.co.za\/redzone\/news-insights\/2024-01-17-apple-is-the-worlds-most-valuable-brand-says-brand-finance\/\" target=\"_blank\">more expensive but worth the value<\/a>&#8220;. Studies like these have been fueling a social perception that Mac users are high-value persons, attracting the interest of known cybergangs.<\/p>\n<h2><span id=\"latest_threats_on_macos\">Latest Threats on MacOS<\/span><\/h2>\n<p>One of these gangs is the Lazarus Group \u2014 linked to North Korea \u2014 who last year launched a malware called KandyKorn targeting macOS users who worked in crypto and blockchain. Since then, several other new Mac malware have been spotted in the wild.<\/p>\n<p>Now, Bitdefender presented evidence that strongly suggests that <a href=\"https:\/\/www.bitdefender.com\/blog\/labs\/new-macos-backdoor-written-in-rust-shows-possible-link-with-windows-ransomware-group\/\" target=\"_blank\">BlackBasta and BlackCat<\/a> are also going into the Mac cyberattack market. Botezatu from Bitdefender explained to Techopedia why macOS malware is proliferating.<\/p>\n<blockquote><p>&#8220;As macOS has steadily gained ground in market share over the past few years, it has become much more attractive for cybercrime groups.<\/p>\n<p>&#8220;&#8216;Traditional&#8217; macOS threats such as potentially unwanted apps (PUA) or aggressive adware have been surpassed in numbers by more devastating Trojans.&#8221;<\/p><\/blockquote>\n<h2><span id=\"the_new_mac_rust_backdoor\">The New Mac Rust Backdoor<\/span><\/h2>\n<p>Coded in Rust, a language that BlackCat has been using for years, the new Mac backdoor, discovered by Bitdefender, breaches into systems as a trojan. The attackers behind this campaign have created fake websites that lure potential victims into downloading a Mac update for Visual Studio \u2014 a popular software used to develop apps, web or desktop applications, and games.<\/p>\n<p>Once victims download and install the malicious file, the installer creates a backdoor without the user ever knowing that his system has been breached and compromised.<\/p>\n<p>This new malware is designed to steal files that are of specific extensions and sizes. It looks in the Documents and Desktop folders and on Notes, copies the files it wants to extract, then conceals them in a hidden folder and compresses them into a ZIP file, before finally sending them over to the attacker&#8217;s C2 server.<\/p>\n<p>The installer runs an extraction with the sysctl command and the output of two other commands (pwd and hostname) to then submit them to the Register endpoint of the Control and Command server, and assign and receive a Victim ID.<\/p>\n<p>Attackers use the Victim ID to communicate with the compromised macOS and then can take control of the computer remotely, gain information on the system, send and receive payloads, exchange information about tasks executed on the breached device, and steal files.<\/p>\n<h2><span id=\"user_error_and_hacking_tactics\">User Error and Hacking Tactics<\/span><\/h2>\n<p>Attackers are also leveraging the myths that users do not need <a href=\"https:\/\/www.techopedia.com\/antivirus\/best-antivirus-mac\">Mac antivirus software<\/a>\u00a0or are immune to malware.<\/p>\n<p>The new Mac Rust backdoor attack, like other Mac attacks, can only be successful when Mac users visit malicious sites, do not check URLs, down software, files or apps from unverified sites, but once that has happened, they are free to operate without a second layer of security such as a trusted and professional anti-malware running in the background.<\/p>\n<p>Even savvy users can be tricked into downloading and executing an infected file. For example, the <a href=\"https:\/\/www.malwarebytes.com\/blog\/threat-intelligence\/2024\/01\/atomic-stealer-rings-in-the-new-year-with-updated-version\" target=\"_blank\">Mac AMOS stealer<\/a> recently updated itself pretending to be Slack, and the recent Trojan.MAC.RustDoor impersonates an update for Visual Studio. Criminals will continue using this tactic as long as they continue getting results. And Mac users&#8217; security awareness can influence those results.<\/p>\n<h2><span id=\"signs_that_the_new_backdoor_is_linked_to_blackcat\">Signs That The New Backdoor is Linked To BlackCat<\/span><\/h2>\n<p>Bitdefender&#8217;s digital forensics shows that the Trojan.MAC.RustDoor is a new undocumented family of malware. However, despite not confidently attributing it to any known threat actors, the security company says several factors signal to BlackCat.<\/p>\n<p>First of all, as mentioned, the backdoor is coded in Rust, a programming language used by BlackCat. Additionally, three out of the four command and control servers were previously associated with ransomware campaigns targeting Windows clients, BitDefender said.<\/p>\n<p>Malware coded in Rust is stealthy and very evasive as the coding language is relatively new, and Rust security tools are not as adopted as other tools for other languages.<\/p>\n<p>Unlike Python, which uses interpreters, Rust compiles directly to machine code, obscuring its intent.<\/p>\n<p>BitDefender says that they have already discovered several different versions of the new backdoor.<\/p>\n<p>Botezatu shared with Techopedia Bitdefender&#8217;s latest <a href=\"https:\/\/www.bitdefender.com\/files\/News\/CaseStudies\/study\/435\/Bitdefender-PR-macOSThreats-report-creat7116-en-EN-interactive.pdf\" target=\"_blank\">macOS Threat Landscape Report<\/a>, adding:<\/p>\n<blockquote><p>&#8220;Apple finds itself consistently having to patch actively exploited vulnerabilities as threat actors employ social engineering vectors and spray-and-pray techniques,&#8221;<\/p><\/blockquote>\n<h2><span id=\"the_most_common_form_of_mac_trojans\">The Most Common Form of Mac Trojans<\/span><\/h2>\n<div class=\"su-tabs su-tabs-style-default su-tabs-mobile-stack su-tabs-vertical\" data-active=\"1\" data-scroll-offset=\"0\" data-anchor-in-url=\"no\"><div class=\"su-tabs-nav\"><span class=\"\" data-url=\"\" data-target=\"blank\" tabindex=\"0\" role=\"button\">1. EvilQuest<\/span><span class=\"\" data-url=\"\" data-target=\"blank\" tabindex=\"0\" role=\"button\">2. Generic Trojans<\/span><span class=\"\" data-url=\"\" data-target=\"blank\" tabindex=\"0\" role=\"button\">3. Exploit Trojans<\/span><span class=\"\" data-url=\"\" data-target=\"blank\" tabindex=\"0\" role=\"button\">4. Flashback<\/span><span class=\"\" data-url=\"\" data-target=\"blank\" tabindex=\"0\" role=\"button\">5. Empire<\/span><span class=\"\" data-url=\"\" data-target=\"blank\" tabindex=\"0\" role=\"button\">6. Shellcode<\/span><span class=\"\" data-url=\"\" data-target=\"blank\" tabindex=\"0\" role=\"button\">7. Shlayer<\/span><\/div><div class=\"su-tabs-panes\"><div class=\"su-tabs-pane su-u-clearfix su-u-trim\" data-title=\"1. EvilQuest\">\n<h4>EvilQuest<\/h4>\n<p>First discovered in mid-2020, EvilQuest remains the single most common Trojan targeting Macs, with a 52.7% share.<\/p>\n<p>The malware bundles a ransomware component designed to encrypt and pilfer the victim\u2019s files, as well as a keylogger to record keystrokes and steal personal or financial data.<\/p>\n<p>While most antivirus vendors recognize and block EvilQuest, its continued abundance indicates that attackers are still using it in a spray-and-pray fashion, hoping to catch unprotected systems in their nets.<\/p>\n<\/div>\n<div class=\"su-tabs-pane su-u-clearfix su-u-trim\" data-title=\"2. Generic Trojans\">\n<h4>Generic Trojans<\/h4>\n<p>Twenty-two percent of detections include several Generic Trojans whose characteristics are similar, if not identical, and therefore don\u2019t get their own name on the list.<\/p>\n<\/div>\n<div class=\"su-tabs-pane su-u-clearfix su-u-trim\" data-title=\"3. Exploit Trojans\">\n<h4>Exploit Trojans<\/h4>\n<p>Taking third place with an 8.2% detection rate, Exploit Trojans leverage known \/ unpatched flaws in macOS and are designed to deploy timely payloads (additional malware components) without the user\u2019s knowledge.<\/p>\n<p>Exploit-centric Trojans present a real danger to users who don\u2019t run an antivirus on their Mac or, as is typical, postpone installing their security patches from Apple.<\/p>\n<\/div>\n<div class=\"su-tabs-pane su-u-clearfix su-u-trim\" data-title=\"4. Flashback\">\n<h4>Flashback<\/h4>\n<p>With a relatively small 2.7% detection rate, Flashback represents a type of Trojan that disguises itself as a legitimate app or installer (update) to trick users into running the threat with their own hands.<\/p>\n<p>Flashback marked the beginning of sustained malware development for the Mac when it emerged more than a decade ago.<\/p>\n<p>It\u2019s enough to warrant it a mention as it still makes the rounds 12 years after it was originally detected by security researchers.<\/p>\n<\/div>\n<div class=\"su-tabs-pane su-u-clearfix su-u-trim\" data-title=\"5. Empire\">\n<h4>Empire<\/h4>\n<p>Empire is a partially defunct threat, but still emerges in BitDefender\u2019s telemetry with a 2.6% detection rate years after inception. Its rapidly-deployable post-exploitation modules include keyloggers and data stealers, and it boasts adaptable communications to evade network detection.<\/p>\n<\/div>\n<div class=\"su-tabs-pane su-u-clearfix su-u-trim\" data-title=\"6. Shellcode\">\n<h4>Shellcode<\/h4>\n<p>Shellcode is an instruction set that can be leveraged to execute a command and take control of or exploit a vulnerable machine.<\/p>\n<p>Trojans that run Shellcode on the target system to launch malware or download additional payloads had a considerably low detection rate of 1.9% during the tracked period (Jan-Dec 2022).<\/p>\n<\/div>\n<div class=\"su-tabs-pane su-u-clearfix su-u-trim\" data-title=\"7. Shlayer\">\n<h4>Shlayer<\/h4>\n<p>Typically disguised as installers and various cracking tools, Shlayer continues to emerge 1.4% of the time and delivers adware, unwanted applications, and promotes fake search engines. Most infections come from warez and torrent sites.<\/p>\n<\/div><\/div><\/div>\n<h2><span id=\"constant_security_patches_and_zero-day_exploits\">Constant Security Patches and Zero-Day Exploits<\/span><\/h2>\n<p>In the past six months, Apple has released over 60 <a href=\"https:\/\/support.apple.com\/en-us\/HT201222\" target=\"_blank\">security releases<\/a> for all its devices \u2014 including Macs, iPhones, iPads, and the Apple Watch. Twenty-eight of those security patches were released in the past three months, some of these rushed to patch critical security vulnerabilities as new OSs were rolled out.<\/p>\n<p>The rate of modern software development, app releases, and updates is fast-paced, and security patches are not uncommon. They affect all software companies, not just Apple. However, for cybercriminals, new software and OS are a golden opportunity to exploit, and zero-day exploits are trending in the underground criminal world.<\/p>\n<p>The report adds that black hat hackers are not just exploiting zero-day vulnerabilities but also users&#8217; lax cybersecurity hygiene. Whether it be a trojan, a crypto jacker, a backdoor, or a ransomware attack on Mac, they are all triggered by human error.<\/p>\n<h2><span id=\"staying_safe_from_trojans_on_a_mac\">Staying Safe from Trojans on a Mac<\/span><\/h2>\n<p>As worrying as the new wave of malware coded for Mac environments are, there are still several things users can do to keep secure.<\/p>\n<p>Bitdefender&#8217;s report explains that malware such as trojans, which exploit unpatched vulnerabilities, are particularly dangerous for users who postpone installing Apple&#8217;s latest security patch. Therefore, keeping a Mac up to date is critical for its security.<\/p>\n<p>Paying close attention to the URLs when visiting unknown sites is also important. Furthermore, all downloads should be done through legitimate and trusted sites. Users also need to be aware of the latest trends and techniques used by cybercriminals as they are constantly innovating and finding new ways to trick users.<\/p>\n<p>Another technique that is gaining popularity is the use of fake ads on popular search engines like Google that criminals use to redirect victims to malicious phishing sites. Setting browser settings to the highest security levels and not ignoring a warning when a site is flagged as malicious is also important.<\/p>\n<p>Finally, scanning a Mac regularly and investing in additional professional security always goes a long way.<\/p>\n<div class=\"reference-content\">\n<div class=\"reference-heading reference-content-collapsible-heading\">\n<h2><span id=\"references\">References<\/span><\/h2>\n<\/div>\n<div class=\"reference-content-body\">\n<ul>\n<li><a href=\"https:\/\/objective-see.org\/blog\/blog_0x77.html\" target=\"_blank\" rel=\"noopener\">The Mac Malware of 2023 by Patrick Wardle<\/a> (Objective-See)<\/li>\n<li><a href=\"https:\/\/www.bitdefender.com\/blog\/labs\/new-macos-backdoor-written-in-rust-shows-possible-link-with-windows-ransomware-group\/\" target=\"_blank\" rel=\"noopener\">New macOS Backdoor Written in Rust Shows Possible Link with Windows Ransomware Group<\/a> (Bitdefender)<\/li>\n<li><a href=\"https:\/\/www.linkedin.com\/in\/bogdanbotezatu\/\" target=\"_blank\" rel=\"noopener\">Bogdan Botezatu<\/a> (LinkedIn)<\/li>\n<li><a href=\"https:\/\/www.statista.com\/statistics\/218089\/global-market-share-of-windows-7\/\" target=\"_blank\" rel=\"noopener\">Global market share held by operating systems for desktop PCs, from January 2013 to July 2023<\/a> (Statista)<\/li>\n<li><a href=\"https:\/\/9to5mac.com\/2024\/02\/17\/it-trends-report-reveals-apples-enterprise-growth-will-continue\/\" target=\"_blank\" rel=\"noopener\">Apple @ Work: IT Trends Report reveals Apple\u2019s enterprise growth will continue<\/a> (9to5Mac)<\/li>\n<li><a href=\"https:\/\/www.businesslive.co.za\/redzone\/news-insights\/2024-01-17-apple-is-the-worlds-most-valuable-brand-says-brand-finance\/\" target=\"_blank\" rel=\"noopener\">Apple is the world\u2019s most valuable brand, says Brand Finance<\/a> (BusinessLIVE)<\/li>\n<li><a href=\"https:\/\/www.malwarebytes.com\/blog\/threat-intelligence\/2024\/01\/atomic-stealer-rings-in-the-new-year-with-updated-version\" target=\"_blank\" rel=\"noopener\">Atomic Stealer rings in the new year with updated version<\/a> (MalwareBytes)<\/li>\n<li><a href=\"https:\/\/www.bitdefender.com\/files\/News\/CaseStudies\/study\/435\/Bitdefender-PR-macOSThreats-report-creat7116-en-EN-interactive.pdf\" target=\"_blank\" rel=\"noopener\">macOS Threat Landscape Report<\/a> (Bitdefender)<\/li>\n<li><a href=\"https:\/\/support.apple.com\/en-us\/HT201222\" target=\"_blank\" rel=\"noopener\">Apple security releases<\/a> (Apple)<\/li>\n<\/ul>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>The days in which Mac users could assume that they were operating one of the most secure OS in the market are over. Mac malware is on the rise and becoming more dangerous. Patrick Wardle, a researcher specializing in Apple security, recently concluded that new macOS malware specimens increased roughly 100% from 2022 to 2023, [&hellip;]<\/p>\n","protected":false},"author":286688,"featured_media":187477,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_lmt_disableupdate":"","_lmt_disable":"","om_disable_all_campaigns":false,"footnotes":""},"categories":[585,548],"tags":[],"category_partsoff":[],"class_list":["post-187405","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-threats","category-cybersecurity"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v24.2 (Yoast SEO v24.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>As Mac Adoption Rises, the Malware Attacks Increase - Techopedia<\/title>\n<meta name=\"description\" content=\"As macOS malware continues to increase and become more damaging, we analyze the trend, the latest Mac malware attacks, and talk to Bitdefender to gain insights.\" \/>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"As MacOS Adoption Rises, the Malware Attacks Increase\" \/>\n<meta property=\"og:description\" content=\"As macOS malware continues to increase and become more damaging, we analyze the trend, the latest Mac malware attacks, and talk to Bitdefender to gain insights.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos\" \/>\n<meta property=\"og:site_name\" content=\"Techopedia\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/techopedia\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-02-20T13:53:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-02-20T14:16:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/02\/Mac-Malware.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ray Fernandez\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@techopedia\" \/>\n<meta name=\"twitter:site\" content=\"@techopedia\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ray Fernandez\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos\"},\"author\":{\"name\":\"Ray Fernandez\",\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/person\/687890072e5e44867899acd7d6176e6c\"},\"headline\":\"As MacOS Adoption Rises, the Malware Attacks Increase\",\"datePublished\":\"2024-02-20T13:53:07+00:00\",\"dateModified\":\"2024-02-20T14:16:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos\"},\"wordCount\":1917,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.techopedia.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/02\/Mac-Malware.jpg\",\"articleSection\":\"\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#respond\"]}],\"copyrightYear\":\"2024\",\"copyrightHolder\":{\"@id\":\"https:\/\/www.techopedia.com\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos\",\"url\":\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos\",\"name\":\"As Mac Adoption Rises, the Malware Attacks Increase - Techopedia\",\"isPartOf\":{\"@id\":\"https:\/\/www.techopedia.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/02\/Mac-Malware.jpg\",\"datePublished\":\"2024-02-20T13:53:07+00:00\",\"dateModified\":\"2024-02-20T14:16:40+00:00\",\"description\":\"As macOS malware continues to increase and become more damaging, we analyze the trend, the latest Mac malware attacks, and talk to Bitdefender to gain insights.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#primaryimage\",\"url\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/02\/Mac-Malware.jpg\",\"contentUrl\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/02\/Mac-Malware.jpg\",\"width\":1200,\"height\":600,\"caption\":\"An image of a hacker with binary code\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.techopedia.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity\",\"item\":\"https:\/\/www.techopedia.com\/topic\/4\/cybersecurity\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cyber Threats\",\"item\":\"https:\/\/www.techopedia.com\/topic\/220\/cyber-threats\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"As MacOS Adoption Rises, the Malware Attacks Increase\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.techopedia.com\/#website\",\"url\":\"https:\/\/www.techopedia.com\/\",\"name\":\"Techopedia\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.techopedia.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.techopedia.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.techopedia.com\/#organization\",\"name\":\"Techopedia\",\"url\":\"https:\/\/www.techopedia.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2025\/02\/techopedia-light-logo.svg\",\"contentUrl\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2025\/02\/techopedia-light-logo.svg\",\"caption\":\"Techopedia\"},\"image\":{\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/techopedia\/\",\"https:\/\/x.com\/techopedia\",\"https:\/\/www.linkedin.com\/company\/techopedia\/\",\"https:\/\/www.youtube.com\/c\/Techopedia\"],\"publishingPrinciples\":\"https:\/\/www.techopedia.com\/about\/editorial-policy\",\"ownershipFundingInfo\":\"https:\/\/www.techopedia.com\/about\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/person\/687890072e5e44867899acd7d6176e6c\",\"name\":\"Ray Fernandez\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2023\/10\/avatar_user_286688_1698354675-300x300.jpg\",\"contentUrl\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2023\/10\/avatar_user_286688_1698354675-300x300.jpg\",\"caption\":\"Ray Fernandez\"},\"description\":\"Ray is an independent journalist with 15 years of experience, focusing on the intersection of technology with various aspects of life and society. He joined Techopedia in 2023 after publishing in numerous media, including Microsoft, TechRepublic, Moonlock, Hackermoon, VentureBeat, Entrepreneur, and ServerWatch. He holds a degree in Journalism from Oxford Distance Learning and two specializations from FUNIBER in Environmental Science and Oceanography. When Ray is not working, you can find him making music, playing sports, and traveling with his wife and three kids.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/ray-fernandez\/\"],\"knowsAbout\":[\"Senior Technology Journalist\"],\"url\":\"https:\/\/www.techopedia.com\/contributors\/rayfernandez\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"As Mac Adoption Rises, the Malware Attacks Increase - Techopedia","description":"As macOS malware continues to increase and become more damaging, we analyze the trend, the latest Mac malware attacks, and talk to Bitdefender to gain insights.","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_US","og_type":"article","og_title":"As MacOS Adoption Rises, the Malware Attacks Increase","og_description":"As macOS malware continues to increase and become more damaging, we analyze the trend, the latest Mac malware attacks, and talk to Bitdefender to gain insights.","og_url":"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos","og_site_name":"Techopedia","article_publisher":"https:\/\/www.facebook.com\/techopedia\/","article_published_time":"2024-02-20T13:53:07+00:00","article_modified_time":"2024-02-20T14:16:40+00:00","og_image":[{"width":1200,"height":600,"url":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/02\/Mac-Malware.jpg","type":"image\/jpeg"}],"author":"Ray Fernandez","twitter_card":"summary_large_image","twitter_creator":"@techopedia","twitter_site":"@techopedia","twitter_misc":{"Written by":"Ray Fernandez","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#article","isPartOf":{"@id":"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos"},"author":{"name":"Ray Fernandez","@id":"https:\/\/www.techopedia.com\/#\/schema\/person\/687890072e5e44867899acd7d6176e6c"},"headline":"As MacOS Adoption Rises, the Malware Attacks Increase","datePublished":"2024-02-20T13:53:07+00:00","dateModified":"2024-02-20T14:16:40+00:00","mainEntityOfPage":{"@id":"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos"},"wordCount":1917,"commentCount":0,"publisher":{"@id":"https:\/\/www.techopedia.com\/#organization"},"image":{"@id":"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#primaryimage"},"thumbnailUrl":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/02\/Mac-Malware.jpg","articleSection":"","inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#respond"]}],"copyrightYear":"2024","copyrightHolder":{"@id":"https:\/\/www.techopedia.com\/#organization"}},{"@type":"WebPage","@id":"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos","url":"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos","name":"As Mac Adoption Rises, the Malware Attacks Increase - Techopedia","isPartOf":{"@id":"https:\/\/www.techopedia.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#primaryimage"},"image":{"@id":"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#primaryimage"},"thumbnailUrl":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/02\/Mac-Malware.jpg","datePublished":"2024-02-20T13:53:07+00:00","dateModified":"2024-02-20T14:16:40+00:00","description":"As macOS malware continues to increase and become more damaging, we analyze the trend, the latest Mac malware attacks, and talk to Bitdefender to gain insights.","breadcrumb":{"@id":"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.techopedia.com\/new-trojan-risks-to-macos"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#primaryimage","url":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/02\/Mac-Malware.jpg","contentUrl":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2024\/02\/Mac-Malware.jpg","width":1200,"height":600,"caption":"An image of a hacker with binary code"},{"@type":"BreadcrumbList","@id":"https:\/\/www.techopedia.com\/new-trojan-risks-to-macos#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.techopedia.com\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity","item":"https:\/\/www.techopedia.com\/topic\/4\/cybersecurity"},{"@type":"ListItem","position":3,"name":"Cyber Threats","item":"https:\/\/www.techopedia.com\/topic\/220\/cyber-threats"},{"@type":"ListItem","position":4,"name":"As MacOS Adoption Rises, the Malware Attacks Increase"}]},{"@type":"WebSite","@id":"https:\/\/www.techopedia.com\/#website","url":"https:\/\/www.techopedia.com\/","name":"Techopedia","description":"","publisher":{"@id":"https:\/\/www.techopedia.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.techopedia.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.techopedia.com\/#organization","name":"Techopedia","url":"https:\/\/www.techopedia.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.techopedia.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2025\/02\/techopedia-light-logo.svg","contentUrl":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2025\/02\/techopedia-light-logo.svg","caption":"Techopedia"},"image":{"@id":"https:\/\/www.techopedia.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/techopedia\/","https:\/\/x.com\/techopedia","https:\/\/www.linkedin.com\/company\/techopedia\/","https:\/\/www.youtube.com\/c\/Techopedia"],"publishingPrinciples":"https:\/\/www.techopedia.com\/about\/editorial-policy","ownershipFundingInfo":"https:\/\/www.techopedia.com\/about"},{"@type":"Person","@id":"https:\/\/www.techopedia.com\/#\/schema\/person\/687890072e5e44867899acd7d6176e6c","name":"Ray Fernandez","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.techopedia.com\/#\/schema\/person\/image\/","url":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2023\/10\/avatar_user_286688_1698354675-300x300.jpg","contentUrl":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2023\/10\/avatar_user_286688_1698354675-300x300.jpg","caption":"Ray Fernandez"},"description":"Ray is an independent journalist with 15 years of experience, focusing on the intersection of technology with various aspects of life and society. He joined Techopedia in 2023 after publishing in numerous media, including Microsoft, TechRepublic, Moonlock, Hackermoon, VentureBeat, Entrepreneur, and ServerWatch. He holds a degree in Journalism from Oxford Distance Learning and two specializations from FUNIBER in Environmental Science and Oceanography. When Ray is not working, you can find him making music, playing sports, and traveling with his wife and three kids.","sameAs":["https:\/\/www.linkedin.com\/in\/ray-fernandez\/"],"knowsAbout":["Senior Technology Journalist"],"url":"https:\/\/www.techopedia.com\/contributors\/rayfernandez"}]}},"modified_by":"Michael Simon","_links":{"self":[{"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/posts\/187405","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/users\/286688"}],"replies":[{"embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/comments?post=187405"}],"version-history":[{"count":0,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/posts\/187405\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/media\/187477"}],"wp:attachment":[{"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/media?parent=187405"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/categories?post=187405"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/tags?post=187405"},{"taxonomy":"category_partsoff","embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/category_partsoff?post=187405"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}