Security Bite: Threat actors are widely using AI to build Mac malware


9to5Mac Security Bite is offered exclusively by Mosyle, the only Apple integration platform. We’re all about making Apple devices ready to use and secure for enterprise use. Our unique, integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated enforcement and compliance, next-generation EDR, AI-powered Zero Trust, and exclusive privilege management with the most powerful and modern Apple MDM on the market. The result is the fully automated Apple Unified Platform, which is now trusted by more than 45,000 organizations and powers millions of Apple devices effortlessly and affordably. Request an extended trial today and find out why Mosyle is all about working with Apple.


Each year, Moonlock Lab, MacPaw’s cybersecurity research arm, releases a report detailing the current state of the macOS threat landscape. Moonlock Lab released its 2024 Threat Report on Tuesday, highlighting how AI tools like ChatGPT are helping create malware scripts, the shift to Malware-as-a-Service (MaaS), and other interesting statistics seen in its internal data.

// The era of AI-powered malware

It has long been speculated that threat actors are working hard behind the scenes to turn AI tools into AI accomplices. Now, for the first time, we seem to have figured out how it’s done.

Screenshots on darknet forums show attackers using AI tools such as ChatGPT to guide the complex malware creation process. A notable example is the Russian-speaking attacker known as “Barboris.” He openly shared his experience developing a macOS stealer without any coding experience.

“With just a few prompts, attackers can generate scripts and implement sophisticated techniques that previously required significant expertise. The barrier to entry has never been lower.” “AI has become a new ally for cybercriminals looking to launch macOS-focused campaigns,” Moonlock Lab said in a report.

This situation is alarming for several reasons. The main reason is that what once required a high degree of technical expertise can now be accomplished by virtually anyone with access to the Internet.

This year we may see fundamental changes in malware development. This is no longer a job reserved for experienced programmers. Essentially, this represents the decentralization of cybercrime.

However, the code can still be difficult for criminals to work with. This is where MaaS shows its strength.

// MaaS dominates

According to the Moonlock Lab report, 2024 saw a surge in darknet discussions about bypassing macOS defenses and distributing Malware-as-a-Service (MaaS).

Currently, cyber gangs like AMOS operate as profitable MaaS businesses. In this model, a malware developer (or operator) creates the software, and an affiliate (usually someone with little technical knowledge) pays for access to the malicious package and points it at targets of their choice.

This is the solution needed by affiliates (criminals) who have almost no technical ability.

These affiliates pay a fee for a “license” to the malware package. This can be either a one-time payment or a more affordable subscription. In the ransomware form of this model, known as Ransomware-as-a-Service, operators often take a cut of the ransom payments received.

According to Moonlock, the rise of MaaS has lowered the barrier to entry for cybercriminals, with services that previously cost tens of thousands of dollars now available for about $1,500 per month. This price drop can be attributed to increased competition due to the proliferation of MaaS providers like RansomHub.

// What can you do?

If you’re a regular reader of Security Bite, you probably already know some of this information. However, the best advice remains the same. Keep your software up to date, download apps only from trusted sources, and consider using third-party security solutions for added protection. Personally, I recommend CleanMyMac by MacPaw, which provides real-time malware detection.

Gone are the days when it was believed that Macs were virus-free.

For more information, we highly recommend checking out Moonlock Lab’s full report.
