Every year, Moonlock Lab, the cybersecurity research arm of MacPaw, releases a report on the current state of the macOS threat landscape. On Tuesday, Moonlock Lab released its 2024 Threat Landscape Report, detailing how AI tools like ChatGPT are helping write malicious scripts, the shift to Malware-as-a-Service (MaaS), and other interesting statistics it sees through its internal data.
//the era of AI-powered malware
It’s long been assumed that bad actors have been hard at work behind the scenes to turn AI tools into AI accomplices. Now, it looks like we’re seeing it in action for the first time.
Screenshots from darknet forums show that attackers are using AI tools like ChatGPT to guide complex malware creation processes. A prime example is a Russian-speaking attacker known as “barboris,” who openly shared his experience developing macOS spyware without any prior coding experience.
“With just a few hints, attackers can generate scripts and implement advanced techniques that would have required significant expertise in the past. The barrier to entry is lower than ever, and AI has become a new ally for cybercriminals looking to launch macOS-focused campaigns,” Moonlock Lab said in its report.
This situation is alarming for several reasons, mainly that what used to require significant technical knowledge can now be accomplished by virtually anyone with internet access.
This year, we are likely to see a fundamental shift in malware development. It is no longer a profession exclusively for experienced programmers. In fact, it represents the decentralization of cybercrime.
However, working with code can still be difficult for criminals. That’s where MaaS takes the lead.
//MaaS Dominates
According to a report by Moonlock Lab, 2024 will see a surge in discussions on the dark web around macOS bypass and malware-as-a-service (MaaS) distribution.
Nowadays, cyber gangs like AMOS operate as highly profitable MaaS businesses. In this model, malware developers (or operators) create the software, while affiliates, typically with less technical expertise, pay to access the malware package and route it to their chosen targets.
It is a sought-after solution for affiliates (criminals) with little to no technical expertise.
These affiliates pay a fee to “license” the malware package. This can be a one-time payment or a more affordable recurring subscription. Ransomware operators, whose version of this model is known as Ransomware-as-a-Service, often take a percentage of any ransom payments received.
The rise of MaaS has lowered the barrier to entry for cybercriminals, according to Moonlock, as services that once cost tens of thousands are now available for around $1,500 per month. This price drop is likely due to increased competition, as there has been a surge in MaaS providers like RansomHub.
//what you can do
If you're a regular Security Bite reader, you probably already know some of this information. However, the best advice remains the same: keep your software updated, only download apps from trusted sources, and consider using a third-party security solution for extra protection. I personally recommend CleanMyMac by MacPaw, which offers real-time malware detection.
The days of believing that “Macs don’t get viruses” are long gone.
For more detailed information, I highly recommend you check out the full Moonlock Lab report.