Dark Web Threat Actors Targeting macOS | Accenture
www.accenture.com
external-link
Accenture Cyber Threat Intelligence observes an almost 1,000% increase in threat actors from the dark web now targeting macOS. Read the blog.

Based on research across established dark web forums, threat actors are targeting macOS, with exploits trading for millions of dollars

What prompted this increase? Are they targeting a specific business market that predominantly uses MacOS? Or is it due to a recent increase in the availability of Mac exploits?

It may not even be that much of a real increase. The “1000%” increase chart in the article doesn’t have any y-axis label, which is suspicious. Plus percent increases from a small absolute starting point are misleading.

Skimming article, it looks like increase is in dark web posts about MacOS zero days and CVEs rather than actual successful attacks.

During covid, the right wing dipshit-o-sphere tried to scare Asian people into thinking black people were out to get them.

They’d link things like “San Francisco hate crimes against Asians up 500%!” and just counted on no one looking at the numbers, which in these cases were an increase of one per year to five (all committed by one crazy dude)

Anyways, the reactions to that number were my first real internalization of the concept that the majority of people are just too lazy to check sources, which is something I knew but couldn’t quite believe until then.

IIRC, hate crimes against Asian Americans WAS a problem during covid, but it was driven pretty much entirely by said right wing dipshit-o-sphere because of Orange Julius’s “china virus” sentiments. If they were trying to spin that as “Look how dangerous black people are!!”, that is… actually completely unsurprising, almost to a diaappointing degree.

The Doctor
link
fedilink
321Y

More and more, companies are giving their sysadmins and coders Macbooks rather than Wintel laptops. It’s been an upward trend in last eight or nine years. I’ve always thought it was to head 'em off at the pass so they won’t install un-remotely managed and un-monitored Linux distros on company equipment. At any rate, a lot of proprietary stuff winds up on corporate Macbooks, which means targets worth going after. As for availability of exploits for OSX, folks have been hoarding them for this kind of situation. These days, you wait for an optimum target environment before you unleash your 0-days.

@Kazumara@feddit.de
link
fedilink
9
edit-2
1Y

I’ve always thought it was to head 'em off at the pass so they won’t install un-remotely managed and un-monitored Linux distros on company equipment.

For me it’s not working. Every day of having to use macOS drives me closer to doing this. It’s such a fucking annoying system, even after 2.5 years :-D

The standard file manager doesn’t even have an SFTP client. What are they smoking?

My first smartphone was an iPhone back in 2011. I hated that damn thing so much and I can’t even remember the specific reasons why, but I know that I did, and that was years before they went “full Apple” so I will probably never willingly touch another one of their products for the rest of my life.

Sirence
link
fedilink
51Y

deleted by creator

The Doctor
link
fedilink
11Y

I’m stuck with an iPhone for work, too. I really don’t like it. Hell, the only thing I use it for is Okta OTP, I don’t even receive text messages on it. Handy to have a thing to act as a wireless hotspot once in a while, though.

roofuskit
link
fedilink
55
edit-2
1Y

Apple used to brag about how Macs didn’t get viruses. I used to laugh because it wasn’t that they were that much more secur but because their market share was too small to be a profitable target.

Now they’ve cultivated the perfect target user base. A large collection of tech ignorant or adverse people who have lots of money to burn.

When did Apple brag about that? All I can think of is a brief ad campaign where the “PC Guy” had a cold. That’s hardly a claim that Macs have perfect security.

Apple has, in fact, gone on the record as saying they don’t think the Mac is secure enough, and that’s why iOS is locked down as tight as it is.

I don’t recall if Apple themselves actually advertised for that, but it was definitely one of the commonly cited “data points” online when you were looking to buy a computer back in the late 00’s / early 10’s. Back then, I recall people also thought these fancy new-fangled devices called “smartphones” also couldn’t get viruses, regardless of OS, for the same reasons cited by OP

🦘min0nim🦘
link
fedilink
English
281Y

Well, they were significantly more secure by default than Windows due to various design measures including the separation of user land. And old OS9 was friggin brilliant for a web facing machine back in the day.

OS9 ran absolutely everything with full privileges. It was not even remotely secure. It was basically Windows 95-level security.

@crow@beehaw.org
link
fedilink
English
14
edit-2
1Y

The trick is to use an operating system so niche and different that no one is prepared to hack it.

@sandriver@beehaw.org
link
fedilink
English
61Y

Finally, it’s Plan 9’s time to shine!

The Doctor
link
fedilink
English
81Y

I know a couple of greybeards who’re building a SCO UNIX virtual machine to troll skiddies. I wonder if they’re going to sneak it onto the network at hacker summer camp.

@JaymesRS@midwest.social
link
fedilink
English
3
edit-2
1Y

That’s why I’m still running A/UX.

@lichtmetzger@feddit.de
creator
link
fedilink
English
161Y

Installing TempleOS in da club

phi1997
link
fedilink
181Y

For those who take this seriously: don’t. Security by obscurity does not work.

I practice security through obsolescence instead, all my data is stored on 3 1/2” floppies and if I need to send someone a voice message I post it on a cassette.

interolivary
link
fedilink
English
211Y

Welp, maybe I’ll finally have to get around to installing some sort of anti-virus/malware software after 20 years of macOS and/or Linux. At least the system architecture isn’t quite as much of a dumpster fire as Windows’ is, but nothing is invulnerable when there’s enough incentive

meseek #2982
link
fedilink
23
edit-2
1Y

Naw. This is just FUD. I mean it’s coming from Accenture ffs.

Keep calm and keep computing.

Yep. Seems to be a sensationalized piece that basically boils down to “Mac market share in enterprise is now more than a rounding error, so hackers might start targeting it”

meseek #2982
link
fedilink
21Y

Anker did just that. Turned out you could just copy paste the url into VLC and watch someone’s feed without them even knowing. They suppressed the info and hid.

I agree, Accenture is not a reliable source.

GreatAlbatross
link
fedilink
English
51Y

“Does your company have macs? Mac attacks are up 1000% percent. If you don’t have the IT resources to install antivirus on all your shiny macs, you can pay us to do it for you.”

interolivary
link
fedilink
41Y

Yeah I’m not exactly in a hurry here, but more widespread malware is still just a question of incentive. macOS isn’t invulnerable, it’s just mainly been a smaller and less easy target so it’s not gotten the same sort of attention as Windows

meseek #2982
link
fedilink
6
edit-2
1Y

Every software has holes. Not saying macOS is bullet proof. But it’s much harder to infect thanks to its Unix core and the fact the entire OS is on a read only partition. That with their own anti malware tool (Gatekeeper) that took on a much more active roll in macOS’s defenses come Ventura.

I’m far more worried Apple replaces macOS or closes it just like all their other OSes and we end up bouncing between jailbreaks.

Barry Zuckerkorn
link
fedilink
English
81Y

The general recommendation is to configure your system to allow the use of the minimum number of privileges. If you don’t have the need to use software that doesn’t come from a trusted repository (like the Apple App Store itself, but also things like homebrew), go ahead and turn off the ability to run software from other sources. If you’re coding, make sure your code is properly sandboxed, and that you’re not blindly relying on untested packages (see compromised npm packages). Don’t give apps accessibility or other rights if they don’t need them, etc. And then stay current on all software updates.

Even zero-days often rely on certain configurations, and you can always lock down the built-in apps to not auto-run or auto-preview things they receive. Some of it requires an active user maintenance to decide how to balance convenience versus security on your own system.

Create a post

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community’s icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

  • 1 user online
  • 152 users / day
  • 311 users / week
  • 620 users / month
  • 2.26K users / 6 months
  • 1 subscriber
  • 3.36K Posts
  • 67.7K Comments
  • Modlog