Apple is no longer threat free as new threats hit Apple devices

A growing number of attackers have begun to target Apple operating systems, with the amount of infections and new malware threats increasing over the past two years. The number of new Mac OS X threats rose by 15 percent in 2014, while the number of iOS threats discovered this year has more than doubled, from three in 2014 to seven in 2015. Jailbroken devices are the focus of the majority of threats and, of the 13 iOS threats documented by Symantec to date, nine can only infect jailbroken devices.

 While the total number of threats targeting Apple devices remains quite low compared to Windows in the desktop space and Android in the mobile sector, Apple users cannot be complacent. Should Apple platforms continue to increase in popularity, the number of cybersecurity threats facing Apple users will likely grow in parallel.

Apple is no longer threat free
Apple is no longer threat free

As outlined in the newly published Symantec whitepaper, the range of threats affecting Apple devices has multiplied. These threats span from ordinary cybercrime gangs branching out and porting their threats to Apple platforms, right up to high level attacker groups developing custom Mac OS X and iOS malware. Examples of the latter include the Butterfly corporate espionage group infecting OS X computers in targeted organizations and the Operation Pawnstorm APT group creating malware capable of infecting iOS devices.

A spike in Mac OS X threats

The number of new Mac OS X threats emerging is increasing year-on-year, rising by 15 percent in 2014. This followed an increase of 44 percent in 2013 and an increase of 29 percent in 2012.

Apple is no longer threat free

Figure 1. Number of new OS X threats documented by Symantec by year


In tandem with this rise, the number of Mac computers hit by malware infections has increased enormously over the past year. The number of unique OS X computers infected with malware in the first nine months of 2015 alone was seven times higher than in all of 2014.

Apple is no longer free from threats

Figure 2. Malware infections on unique computers running OS X from January 2014


While the number of infections on OS X computers has increased dramatically over the past year, a significant amount of this spike has been accounted for by grayware, such as adware, potentially unwanted or misleading applications.


While these grayware infections accounted for much of the surge in infections between June 2014 and March 2015, recent months have seen a significant uptick in infections involving other forms of malware.


Two sides of Mac OS X

Figure 3. While malware threats are less prevalent, their infections can be more damaging.

Jailbreaking greatly increases risk of iOS malware

The number of iOS malware threats discovered to date remains quite small, although it is beginning to increase, with seven new threats discovered in 2015, up from the previous high of three in 2014.

Jailbreaking Apple increases the risk of attacks

Figure 4. Number of new iOS threats documented by Symantec by year

Attackers targeting the operating system need to find a way to install malware on a device, which can represent a significant hurdle. Many threats are installed when the target connects their device to a compromised desktop computer. Jailbroken devices present more opportunities for compromise and many threats are designed to take advantage of jailbroken phones. Of the 13 iOS threats documented by Symantec to date, nine can only infect jailbroken devices .

ios jailbreak


Figure 5. Jailbroken devices present more opportunities for compromise


The overall number of new Mac OS X vulnerabilities emerging has remained relatively steady in recent years, at a rate of between 39 and 70 per year. In most years, the number of new Mac OS X vulnerabilities has been lower than the number of Windows vulnerabilities found. The greater numbers of Windows vulnerabilities may be reflective of the larger market share that the Microsoft operating system enjoys, prompting a greater level of scrutiny from attackers and security researchers.


Meanwhile, the amount of iOS vulnerabilities being found annually has trended upwards over the past four years. Between 2011 and 2014, the amount of vulnerabilities affecting iOS has exceeded those that were documented for its main competitor, Google’s Android. That trend has reversed in 2015 as new Android vulnerabilities have outpaced iOS.


However, security researchers have begun to focus on vulnerabilities in Apple software and have uncovered a number of high-profile flaws in the last year. Zero-day brokers have begun offering bounties for Apple vulnerabilities, with US$1 million paid recently for a jailbreak of iOS 9.1. This is sure to add more impetus to researchers who are interested in looking at Apple systems for vulnerabilities.


Although still small in terms of overall numbers, the number of new OS X and iOS threats discovered annually has been trending upwards over the past five years. Given this trend, Apple users cannot be complacent about security. Awareness of common threats combined with properly securing Apple devices should minimize the risk of infection.


  • Use a robust security suite and keep it updated.
  • Keep your operating system and all other software up-to-date. Software updates frequently include patches to newly discovered security vulnerabilities that could be exploited by attackers.
  • If you are considering jailbreaking an iOS device, exercise caution and educate yourself on the risks you may be exposed to. The majority of iOS threats target jailbroken devices and unofficial app stores are more likely to host Trojanized apps.
  • Only install software from reputable sources. Some third-party OS X app stores have been found to host Trojanized software. Grayware, such as adware, and potentially unwanted or misleading applications are often bundled with installers for other applications.
  • Delete any suspicious-looking emails you receive, especially if they include links and/or attachments. Don’t even open them, just delete them. If they purport to come from legitimate organizations, verify with the organization in question first.
Show More


Eli has 26 years of extensive IT sales expertise in Data, voice and network security and integrating them is his masterpiece. Photography and writing is his passion. Growing up as a kid, his father taught him to use the steel bodied Pentax and Hanimex 135mm film and single-direction flash, Polaroid cameras, and before going digital, he used mini DV tape with his Canon videocam. He now shoots with his Canon EOS 30D. Photography and blogging is a powerful mixture for him.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button