If you’re a regular reader of this blog, you’re well aware that malware authors are more concerned with data than with which operating system (OS) the data is stored on. We’re also seeing more and more multi-platform malware, as well as threats created by groups that have historically written Windows malware. Historically, such multi-platform malware was written for Windows and Macs, and often Linux as well. Now, predictably, Android malware is starting to behave more like Windows malware.
There are two big factors that play into the shift in malware to other operating systems. Arguably the most important factor is that Windows market share has decreased significantly. The second factor is a trend that started even before that decrease; computer users now spend more time interacting with a browser than the OS itself. Now with the advent of cloud computing, you can have access to your data, regardless of where you are or what OS you’re using.
On the one hand, this splintering of the OS market has made things more difficult for malware authors. No longer does malware that works on one OS get you access to the vast majority of computer users worldwide. Now, in order to get that same sort of audience, attackers must come up with something that works on several significantly different platforms. Because there is an ever-growing financial incentive, malware authors have risen to the challenge.
Because everyone uses virtually the same Web browsers across all major operating systems, malware authors can simply find vulnerabilities to exploit in one of these browsers and they’ll generally have a stealthy way into almost any user’s system. From there, they just need to add back-end functionality to do what they need to do. And since most malware is now a variation on the theme of stealing data, and since the malware community tends to be very cooperative about sharing source code amongst themselves, that’s not been much of a hurdle.
I think, in a “post-PC” world, many people have grown complacent about securing their data. That may be especially true of Apple product users. Apple has marketed itself as privacy-focused, and its products as being immune to “PC viruses,” which has tricked a generation of Mac and iPhone users into thinking they can be as cavalier as they want. But new Mac malware is being discovered all the time, and there’s even nation-state sponsored spyware like Pegasus for iPhone.
Unlike end users, however, malware authors have not been complacent about stealing data. In fact, they’re taking the lessons learned from years of writing Windows malware and applying them to other operating systems so that they can make vast leaps in sophistication and stealthiness.
So remember to lock your stuff up, and keep a healthy level of paranoia, regardless of which device you’re using.