Hackers are building bespoke Mac malware using GenAI
- Mac users need to stop believing that macOS is safer than Windows
- Generative AI has helped non-coders to create their own malware
- Social engineering continues to be the most common attack method
Cybersecurity experts from Moonlock are warning of the increasing prevalence of sophisticated macOS malware created with the help of generative AI.
In its 2024 Threat Report, Moonlock explored how publicly available tools like ChatGPT have enabled hackers to work around the technical barriers they were previously subject to in order to create malicious software more quickly.
The research found screenshots posted to darknet forums showing hackers using artificial intelligence to guide them through the development of Mac-bound malware step by step.
AI is helping to build macOS malware
Among the examples given was a case involving Russian-speaking threat actor ‘barboris,’ who admitted to building macOS malware without any prior coding experience thanks to generative AI. With natural language prompts, barboris was able to create an infostealer capable of targeting Keychain credentials and cryptocurrency wallet information.
The reported summarizes: “The barrier to entry is lower than ever, and AI has become a new ally for cybercriminals seeking to launch macOS-focused campaigns.”
Moonlock explains that the rise of malware-as-a-service (MaaS) has also made macOS malware more accessible than ever. Cheapening MaaS options are lowering the barriers for attackers and making macOS malware more common that it used to be.
The researchers claim that the rise of MaaS has made cybercrime into a collaborative effort, creating new roles for creators and distributors.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Previously, Apple’s desktop operating system was favored over its Windows counterpart for being less susceptible to cyberattacks, however the researchers explained that the notion that macOS is still as safe is now a dated one.
Users are being advised to treat macOS as they would any other operating system or internet-connected device, by keeping software updated with security patches, only downloading apps from trusted sources such as the Mac App Store, and installing renowned third-party security tools.
However, while the threat environment may be shifting, social engineering remains the most common way of forcing entry, and all users should be wear of handing out sensitive information unless it is absolutely necessary.
“We expect a surge in the variety of stealers targeting macOS in 2025,” noted Mykhailo Pazyniuk, Malware Research Engineer at Moonlock. “During 2024 we’ve observed different threat actors trying to bypass Apple’s protection mechanisms, emphasizing on users as the weakest link in this attack chain. Therefore, threat actors haven’t bothered much with finding exploits in macOS itself just yet.”
“One thing is certain – since many stealers eventually did their job and managed to exfiltrate sensitive user data and their crypto assets, the market of MaaS and macOS exploits will continue to grow in 2025, possibly offering more ways to stay undetected for antivirus software,” Pazyniuk said.
You might also like
Mac users need to stop believing that macOS is safer than Windows Generative AI has helped non-coders to create their own malware Social engineering continues to be the most common attack method Cybersecurity experts from Moonlock are warning of the increasing prevalence of sophisticated macOS malware created with the help…
Recent Posts
- The TCL 60XE switches from color to grayscale in an instant – and it’s the coolest thing I saw at CES
- Intel still dreams of modular PCs — it brought a tablet laptop gaming handheld to CES
- Mark Zuckerberg lies about content moderation to Joe Rogan’s face
- Zuckerberg trash talks Apple in interview with Joe Rogan
- NYT Connections today — my hints and answers for Saturday, January 11 (game #580)
Archives
- January 2025
- December 2024
- November 2024
- October 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- September 2018
- October 2017
- December 2011
- August 2010