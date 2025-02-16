Apple devices, once considered impregnable, are facing an escalating threat from AI-driven malware, particularly targeting Mac users. Simultaneously, Android users are grappling with a surge in phishing attacks, with thousands of malicious apps designed to steal sensitive information. Experts warn that these threats will intensify in the coming years, urging users to adopt robust security measures.

Apple devices are widely perceived as secure, a notion reinforced by Apple's marketing campaigns with the tagline 'Privacy. That’s Apple.' However, the evolving cybersecurity landscape means even Apple products are not immune to cyberattacks. A recent report suggests that Mac users need to be particularly vigilant this year because advancements in artificial intelligence (AI) are empowering hackers to breach even the most robust security systems.

The trend of Mac malware targeting users has been consistently reported, and experts predict a worsening situation. Mac malware is no longer the benign annoyance it once was. For years, the primary threats were adware and browser hijackers, mainly nuisances rather than serious dangers. This is rapidly changing. As Malwarebytes highlights, a new wave of information stealers is on the rise, posing a significantly greater threat. These stealers target valuable data like passwords, authentication cookies, credit card details, and even cryptocurrency. This shift began in mid-2023 with the emergence of Atomic Stealer, also known as AMOS, a piece of malware that resembled Windows threats more than typical Mac malware. AMOS wasn't only effective but also user-friendly and offered as a service for $1,000 per month with a sophisticated web-based control panel. This success paved the way for even more dangerous variants.One notable example is Poseidon, launched in mid-2024 and quickly becoming the dominant Mac stealer, responsible for 70% of infections. Poseidon boasts the capability to drain over 160 different cryptocurrency wallets, steal passwords from browsers and password managers, and even grab VPN credentials. Simultaneously, cybercriminals are intensifying their use of malvertising, exploiting fake advertisements on search engines like Google and Bing to trick users into downloading malware instead of legitimate software. These campaigns are highly targeted, allowing attackers to identify Mac users and deliver fake downloads tailored to their searches. With AI now being integrated into the creation and execution of many of these attacks, their scale is likely to increase significantly. The situation for Android users is even more alarming. Phishing attacks on the platform have reached unprecedented levels, with thousands of malicious apps designed to steal credentials and circumvent security measures. In 2024 alone, researchers have detected 22,800 phishing-capable apps, along with 3,900 apps designed to read OTPs (One-Time Passwords) from notification bars and 5,200 apps capable of extracting OTPs from SMS messages. These figures highlight the widespread and effective nature of Android phishing malware. Like phishing emails, phishing apps deceive users into surrendering their usernames, passwords, and two-factor authentication codes. Once compromised, these credentials can be sold on the black market, used for fraud, identity theft, or further cyberattacks.





