Apple's device popularity in the enterprise brings increasing malware threats

New Mac malware can record confidential corporate data, warns Intego
Tools

The popularity of the iPad and iPhone has led to a proliferation of Apple (NASDAQ: AAPL) devices in the enterprise, fueling the BYOD trend.

In fact, Apple devices have become so widespread in some organizations that IT shops are considering deploying an Apple operating system for all of their computers.

Apple has long claimed that its OS and devices are the most secure in the business, even dismissing the idea that they need anti-virus software. But Apple's claim to superior security has come into question as more and more malware has succeeded in infiltrating Apple devices, including its Mac laptops.

According to IT security firm Sophos, one in five Apple Macs harbor malware. The most widely publicized mass infection involved malware known as Flashback, which infected an estimated 600,000 Macs earlier this year through compromised WordPress sites. Once infected, the Macs were linked to a huge botnet controlled by a Russian-based hacker gang.

The most recent example of Mac malware is spyware called OSX/Dockster.A, which is able to record a user's typing on an infected machine according to Intego's Mac Security Blog. The keylogger function is able to steal confidential information, such as banking credentials of individuals and proprietary information of companies.

The malware "creates a launch agent called mac.Dockset.deman so that the Trojan will restart each time an affected user logs in. Once the Trojan is active, it tries to contact the remote address itsec.eicp.net to await instructions. At the time of writing, this address is not registered, which indicates the sample may be intended simply as a test rather than an active threat," wrote Lysa Myers on the blog.

The backdoor functionality of the malware provides a simple remote shell that enables the hackers behind the malware to gain remote access to the device, download files, and record key strokes.

While the Dockster.A malware has yet to infect users, it reflects a growing trend of malware targeting Apple devices. IT managers need to consider carefully the growing security risks posed by Apple devices in deciding whether to swap out the existing OS for an Apple OS.

For more:
- see Myers' blog post
- check out the Sophos stats

Related Articles:
Apple device exploit opens internal networks to attack, researcher claims
Survey shows disconnect between IT, employees over BYOD security

Filed Under