Hackers are besieging Apple OS X systems with 25 new malware variants, some of which are being used in targeted attacks, according to security firm F-Secure.
F-Secure reported uncovering the malware variants in its Threat Report H1 2014, claiming it discovered the first 20 attack tools in the opening months of the year.
“2014 started with almost 20 new unique variants discovered in the first two months alone, though this pace slowed later so that by the end of the H1 period, 25 new Mac threats had been found,” the report said.
“Among the new unique variants, 13 belong to five new families, with the Mask and Clientsnow being involved in targeted attacks. The remaining three new families – Coinstealer, Cointhief and LaoShu – affect normal Mac users.”
F-Secure senior security analyst Sean Sullivan told V3 the malware variants’ appearance is particularly troubling as some of the attacks detected using them were targeting critical infrastructure areas.
“It’s mostly targeting human rights activists (which focus heavily on rights in China). But then there are also efforts to compromise Macs within the energy industry and other sectors,” he said.
“It appears to be the same sort of stuff as Havex, [going after] a wide range of targets. Possibly it is a campaign by a private ‘contractor’ who is selling to particular nation states.”
Havex is a family of remote-access Trojans known to have been used during several attacks on critical infrastructure. It is believed to have been used in targeted attacks for at least a year.
Sullivan said the lack of public information about the targeted attacks from affected businesses indicates they are either unaware of the attacks or unable to comment on them.
“It’s interesting to note there are no victims reported. We know about the targeted attacks against human rights activists because they speak out about it. Companies that are being attacked are either unaware or keep quiet,” he said.
Apple has a closed security model and does not disclose any information about potential vulnerabilities until it has investigated and fixed them.
Apple’s iOS mobile operating system remained malware-free, despite the resurgence of Mac OS attacks.
F-Secure reported that of the 295 new mobile threat families and variants that were discovered, only one targeted iOS, and even this required the Apple device to be jailbroken to work. The remaining 294 are listed as targeting Android.
The stats mirror F-Secure’s past mobile threat findings. The firm listed Android as being the intended victim of more than 99 percent of mobile malware in its previous Mobile Threat Report Q1 2014.