Barking Up The Wrong Tree
Recently, it was announced that such well-known names in the tech industry such as Facebook, Twitter, Microsoft, and Apple had all been affected by a watering hole attack. Employees at all of these affected firms had visited a popular iOS developer forum, which was compromised to serve a then-unknown Java exploit to its users.
Unsurprisingly, Java has received the brunt of the blame for this incident. One headline story from The Verge even called for Java to “go away“. Similar thoughts have passed through the minds of many security experts, whether they said so in the open or not.
However… Java was not the only problem here. All of the affected systems were Macs (a natural consequence of targeting an iOS developer forum). All of the focus has been how the attack arrived (Java), and not the target (Macs).
Ultimately, attackers target whatever platform their targets are using. And while in the overall OS market, the Mac share remains relatively low, in certain circles (like Silicon Valley in general) the percentage is far higher. Targeted users who happen to be running Macs are no longer safe simply because they’re Mac users; attackers now customize their attacks to fit the profile of their targets. In this case, the attackers explictly targeted iOS developers in a watering hole attack, which indicates a level of planning and staging was part of this attack.
Last year’s Flashback incident highlighted that Mac users were at risk of malware attacks; what this incident should do is that Macs are now the target of well-planned targeted attacks as well. Java was just the attack vector this time, but Mac users are no more immune to social engineering than other users.
As more and more of our personal information is given to these Web companies, their employees become more tempting targets. Attackers will realize that these workers, and many other potential high-value targets, are Mac users – and plan accordingly.
Users are protected from all known threats affecting Mac OS platforms via its Trend Micro™ Titanium™ Internet Security for Mac.