Reg comments53

All eyes on the jailbroken as iOS, Mac OS X threat level ratchets up

Number of new problems rising, says Symantec

Mac malware

The number of iOS threats discovered this year has more than doubled, from three in 2014 to seven so far in 2015, according to Symantec, with jailbroken devices being the focus of the majority of threats.

Of the 13 iOS threats documented by the technology security company in total, nine can only infect jailbroken devices.

Mac OS X threats are also on the rise, at least historically, according to the security giant. The number of new Mac OS X threats emerging is increasing year-on-year, rising by 15 per cent in 2014, according to Symantec.

This followed an increase of 44 per cent in 2013 and an increase of 29 per cent in 2012. Early indications are that the number on new threats on Apple’s desktop platform for 2015 may come out slightly lower than that in 2014 or 2013, but higher than in previous years.

However, the number of unique OS X computers infected with malware in the first nine months of 2015 alone was seven times higher than in all of 2014. This is partly driven by the increased popularity of Macs but mainly down to successful targeting by crooks.

Much of the spike is down to grayware, such as adware, or potentially unwanted or misleading applications, with threats from spyware and trojans also an increasing problem for Mac fans.

These threats stem from cybercrime gangs branching out to Apple platforms, as well as high-level attack groups such as the Butterfly corporate espionage crew infecting OS X computers in targeted organisations, and the Pawn Storm APT group creating malware capable of infecting iOS devices.

Symantec’s take on Apple desktop threats fits with a separate warning about a rising tide of Mac OS X malware from researchers at Bit9 + Carbon Black last month.

Bug count

The overall number of new Mac OS X vulnerabilities emerging has remained relatively steady in recent years, carrying between a low of 39 and a high of 70 per year. The number of new Mac OS X vulnerabilities has generally been lower than the number of Windows vulnerabilities.

The greater market share Windows continues to enjoy means that the platform is more closely scrutinised by attackers and security researchers, a factor that may go a long way towards explaining the difference.

Elsewhere, the volume of vulnerabilities affecting iOS exceeded those that were documented for its main competitor, Google’s Android between 2011 and 2014 (inclusive).

But that trend has reversed in 2015 so far, and new Android vulnerabilities have outpaced those in Apple’s iOS operating system for smartphones and tablets.

Although the total number of threats targeting Apple devices remains quite low compared with Windows in the desktop and Android in the mobile sector, Apple users can't be complacent, as Symantec argues.

“Although still small in terms of overall numbers, the number of new OS X and iOS threats discovered annually has been trending upwards over the past five years,” Symantec researcher Dick O'Brien concludes in a blog post.

Users considering jailbreaking an iOS device should exercise caution, for example by educating themselves about the risks they may be exposed to, Symantec advises. The majority of iOS threats target jailbroken devices and unofficial app stores are more likely to host trojanised apps, Symantec advises, among other top tips covered in more depth in its blog post.

Symantec's 32-page white paper on the Apple threat landscape, which puts the whole issue under the microsocope, can be found here (PDF). ®

Sign up to our Newsletter

Get IT in your inbox daily

Biting the hand that feeds IT © 1998–2017