In my favorite chat room recently I was asked whether, in light of recent events, it would be safer to use macOS and iOS for work. Is it true that they have better security? I don’t have a definite answer here: it is both yes and no. Let’s get to the bottom of it!
First of all, there is a lot of malware for macOS/iOS. The thing is that 0-day/1-day exploits for macOS/iOS cost slightly more than those for Windows/Android.
There is no real difference, only a difference in the price of preparation and in the price of the various exploits (including file-gluing exploits or delivery exploits, which always cost more). I suggest you go to Zerodium and look at the prices.
In general, the toolkit is more or less the same, so don’t assume that macOS is more secure. Again, it is based on Linux and FreeBSD. In other words, know who is working against you and what they are capable of.
Put differently, the chances of being caught in a mass attack are lower, but the chances of being hacked by someone who does not mind spending 5–10 thousand dollars to prepare an attack on you are equal on all devices and almost all operating systems.
Hackers also care about economics, profit and cost. If they are confident, they can take the risk. Keep that in mind.
Use Qubes OS, Whonix, Tails or GrapheneOS (which is way better than iOS, which is closed, so its risks cannot be estimated; jailbreaking a device makes everything even worse), but some of them require a lot of preparation work and do not have out-of-the-box security! But no secure OS can help you if you don’t care about simple security rules. Keep that in mind. See my original Twitter thread!
Follow These Guides:
Keep in mind that in most cases, hackers dealing with an Apple device will try to target non-obvious sources such as iCloud backup, Google cloud backup, etc.!
Be Aware That Apple Care Can Get a TeamViewer-like Function: You Need Only 1 Click to Lose All Your Data
Disable Predictive Text On Your Device!
Never Scan QR Codes via Your Working iPhone!
Read my OpSec roadmap to avoid such situations. Never download files on your working machine. You should understand all 25 rules! Use dangerzone.rocks if you are working with PDFs!
- Crypto OpSec SelfGuard
- How to store crypto securely — tips from CIAOfficer
- 2 Violent attack vectors in Crypto: a detailed review
- OpSec in Crypto: Thoughts
Protect From SIM Swapping
What is SIM Swapping?
With SIM swapping on the rise, phone owners should be aware of what these attacks are, what signs to look for, and how…
Keep Up With the Latest Security News
iPhone Crypto Users At Risk From Multiple Vulnerability Attacks On The iOS Mail App
ZecOps, a cybersecurity company based in San Francisco, announced today that it had identified two zero-day…
Be Aware of Crypto Clipper (which attacks a clipboard)
2 violent attack vectors in Crypto: a closer look
Evil Twins: Crypto Clipper and Social Engineering. The most important thing to understand here is the path of the cyber…
Be Aware of Physical Attacks
physical-bitcoin-attacks/README.md at master · jlopp/physical-bitcoin-attacks
A list of known attacks against Bitcoin / crypto asset owning entities that occurred in meatspace. …
Attacks on MacOS
Stealthy MacOS Malware Tied to Lazarus APT
Researcher discovered a MacOS trojan hiding behind a fake crypto trading platform believed to be the work of the…
Attacks on Linux
Lightning Framework: New "Swiss Army Knife" Linux Malware
A new Linux malware we're calling Lightning Framework has modular plugins and the ability to install multiple types of…
Wi-Fi Security When Holding Crypto-Assets
- Read this article: ledger.com/academy/security/hack
- Go through this awesome list: github.com/edelahozuah/awesome-wifi-security
- Test: github.com/techge/wifi-arsenal
- If you are an IoT device owner, then carefully read: github.com/nebgnahz/awesome-iot-hacks
- BGP Hacking: theverge.com/2018/4/24/17275982/myetherwallet-hack-bgp-dns-hijacking-stolen-ethereum
- MikroTik security: www.itdave.nl/mikrotik-router-seurity-hardening
- Check out: github.com/decalage2/awesome-security-hardening