Black Hat USA 2023 – Bitdefender macOS Threat Report Reveals Key Dangers for Mac Users

In its 26th year, Black Hat USA returns to Vegas with a six-day schedule. Bitdefender is on the floor at the Mandalay Bay Convention Center releasing its latest macOS Threat Landscape Report – a valuable resource that looks at the key threats targeting Macs worldwide.

Data gathered by Bitdefender over a 12-month period shows that Mac users are mainly targeted by three key threats: Trojans, Adware, and Potentially Unwanted Applications (PUAs). While named differently, these menaces share one weakness: they require victims to manually run the threat, meaning their authors have to make their malware look legitimate.

Trojans are the biggest single threat to Macs, accounting for more than half of threat detections. Trojans designed to exploit unpatched vulnerabilities are a major hazard for users who typically postpone installing the latest security patches from Apple.

EvilQuest remains the single most common piece of malware targeting Macs, with a 52.7% share. It bundles a ransomware component designed to encrypt and pilfer the victim’s files, as well as a keylogger to record keystrokes and steal personal or financial data. While most antivirus vendors recognize and block EvilQuest, its continued abundance indicates that attackers still use it in a spray-and-pray fashion, hoping to catch unprotected systems in their nets.

With a 25.3% share, PUAs represent a quarter of “executable” threats to Macs. 8% of PUA detections on Macs are crypto miners and 1% are jailbreak utilities.

Adware accounts for more than a fifth of threats targeting Macs. Like most file-based threats, adware ends up on computers after users willfully run freeware programs, fake installers, software downloaded from torrents and wares sites, pirated programs, malicious links, malvertising, and others.

In recent years, Apple has found it increasingly necessary to patch actively-exploited vulnerabilities in its platforms. Moreover, spyware vendors are stepping up their focus on Apple’s iOS, which shares many components with macOS. As a result, threat actors are well positioned to attack Macs more efficiently with threats designed to exploit unpatched flaws and lax cybersecurity.

These, and many other interesting findings, are available in our full report presented at Black Hat USA 2023. Grab the free report using the handy download button below.

Download macOS Threat Landscape Report