Recently, there’s been a lot of talk about how Apple is going to infuse its products with artificial intelligence (AI) at its Worldwide Developers Conference (WWDC) in June. But there’s another way the company might be putting AI to good use – and it could help keep your Mac safe from malware and other digital nasties.
As spotted by macOS developer and blogger Howard Oakley, Apple has just updated its XProtect anti-malware system with 74 new rules aimed specifically at the Adload adware virus, which hijacks your browser and forces you to visit malicious sites. XProtect is a built-in macOS feature that detects malicious code in third-party apps and prevents them from running, and an update to its definitions is not particularly unusual.
But what is unusual is the sheer size of the XProtect update. As Oakley puts it, “developing that many [definitions] by hand would normally take considerable time and effort.” And that raises an interesting question: is Apple using AI to write its antivirus definitions?
Oakley certainly thinks it’s a possibility. In the blog post, he suggests that it could be a potential solution to a problem like Adload, which is frequently updated to evade detection, which in turn necessitates companies like Apple rapidly reacting to it. If Apple is using AI to do the heavy lifting, it might “overwhelm [Adload’s] efforts to evade detection until the malware has been extensively rewritten,” Oakley says.
AI vs malware
There’s been much debate over what the rapid development of generative AI tools like ChatGPT will mean for malware creators and those who are fighting back against them. For some, it might help bad actors more rapidly craft viruses and trojans. For others, it’s an excellent tool for reverse engineering malware and building better defenses against it.
Last year, I spoke to a range of cybersecurity experts on this topic. Joshua Long, Chief Security Analyst at antivirus firm Intego, suggested that AI can help to spot zero-day flaws by analyzing code uploaded into its chat window. And Martin Zugec, Technical Solutions Director at Bitdefender, noted: “The majority of novice malware writers are not likely to possess the skills required to bypass [ChatGPT’s] security measures, and therefore the risk posed by chatbot-generated malware remains relatively low at this time.”
Whatever the case, it would be surprising if Apple was not at least looking into using AI to help write its antivirus definitions. Malware threats are always evolving, which means defenders need to adapt as quickly as possible to keep them out. With the speed that AI allows, it could become an invaluable tool in the antivirus arsenal.
Interestingly, Oakley notes that there are already several AI tools that can write antivirus definitions, but that “but Apple doesn’t appear to have made much use of them in the past, at least not on this unprecedented scale.” Given the Adload example, we might soon see AI playing a much more active role in keeping your Mac safe.