Mac malware outpaced Windows PC threats for first time in 2019, report says

According to a report from Malwarebytes on Tuesday, the number of malware threats detected on Mac endpoints outpaced those targeting Windows PCs for the first time in 2019, with adware accounting for the bulk of all detected threats.




In its annual State of Malware Report (PDF link), antivirus software maker Malwarebytes tracked a more than 400% increase in detected Mac malware on a year-over-year basis.

Tallying up threat detections on a per-endpoint basis, a calculation applied to account for growth in the number of Macs running Malwarebytes software, the firm found 11 threats per Mac endpoint in 2019, up from 4.8 in 2018. By comparison, results show an average of 5.8 threats detected per Windows endpoint over the same period.

The report speculates that Macs are quickly becoming a sweet target for cybercriminals due to increased market share, though recent industry estimates show Apple's slice of the market shrank over the past two quarters.

Perhaps more likely is a notable increase in fringe software. Malwarebytes notes Apple's standard macOS security safeguards are more focused on thwarting serious malware than "borderline" adware and potentially unwanted programs (PUPs), allowing the latter two families to propagate at speed.

"Macs differ drastically from Windows in terms of the types of threats seen," the report reads. "Where we found several different categories and families in our top detections of Windows threats that classify as traditional malware, especially those aimed at businesses, most Mac threats, and certainly the most prevalent ones of 2019, are families of adware and potentially unwanted programs (PUPs)."

Indeed, the most prevalent Mac threat, NewTab, is a particularly insidious family of adware that was detected nearly 30 million times in 2019. PCVARK, a PUP that took third place on cross-platform detections, ranked second in the Mac category with almost as many detections as NewTab during the same period.

MacKeeper, an infamous system "cleaning" program that was previously No. 1 on Malwarebytes' list of top Mac detections, fell to the third spot, while fellow PUPs JDI and MacBooster took fourth and fifth, respectively.

The top "traditional malware," sometimes defined as a backdoor, cryptominer or spyware, was OSX.Generic.Suspicious, a group of files that exhibited similar malicious behavior. OSX.Generic.Suspicious and scam-enabling software FakeFileOpener both topped 300,000 detections in 2019.

Despite the growing number of malware detections, at least as discovered on Malwarebytes' platform, the Mac is still a safe environment as long as users remain conscious of bad actors. As noted in the report, all but one malware incident in 2019 involved duping users into downloading and opening offending software. The lone vulnerability that impacted Mac, according to Malwarebytes, was a Firefox zero-day targeting cryptocurrency companies.

Comments

  • Reply 1 of 27
    I wonder what infection rate would be if all Mac software had to be installed through the App Store...
  • Reply 2 of 27
    lkrupp Posts: 9,639 member
    Only stupid people install malware. 
  • Reply 3 of 27
    dysamoria Posts: 3,430 member
    lkrupp said:
    Only stupid people install malware. 
    Only arrogant, callous, and utterly antipathetic tech geeks act like the above quoted comment.

    You don’t know what you think you know about people who use computers. There’s more to it than “willfully installing malware”. And yet, you think everyone else should know what you know from being a tech-oriented person.

    Develop some empathy for your fellow beings. It helps in many places in life.
  • Reply 4 of 27
    dysamoria Posts: 3,430 member

    I wonder what infection rate would be if all Mac software had to be installed through the App Store...
    That is an untenable scenario. There are many practical cases of needing to be able to tell Mac OS “open anyway” in the security settings. Number one is developers. Number two is independent and/or open source software.
  • Reply 5 of 27
    I wonder what infection rate would be if all Mac software had to be installed through the App Store...
    That's precisely why the default is/should be ONLY Mac App Store and Notarized Apps can be installed. If you bypass it, you're accepting responsibility for the consequences.

    I've never caught a virus/malware on any of my machines, neither macOS nor Windows because I'm paranoid as can be and I never got into the pirated software scene. Other than a modicum of open-source software that I've built from source, everything on my machines is from the App Store, Adobe or SetApp.
  • Reply 6 of 27
    gatorguy Posts: 23,304 member
    I wonder what infection rate would be if all Mac software had to be installed through the App Store...
    That's precisely why the default is/should be ONLY Mac App Store and Notarized Apps can be installed. If you bypass it, you're accepting responsibility for the consequences.

    I've never caught a virus/malware on any of my machines, neither macOS nor Windows because I'm paranoid as can be and I never got into the pirated software scene. Other than a modicum of open-source software that I've built from source, everything on my machines is from the App Store, Adobe or SetApp.
    Windows would like you to do the same thing, install apps only from the official Microsoft Store. In fact it will insistently warn you that the program you are installing may be unsafe when it was securely downloaded directly from a trusted software provider, advising you should not proceed and visit Microsoft instead.  If they could they'd force everyone to deal only with Apple and Microsoft and use only what they provided. Fortunately for us they can't without straying across antitrust lines. 
    edited February 2020
  • Reply 7 of 27
    gatorguy said:
    I wonder what infection rate would be if all Mac software had to be installed through the App Store...
    That's precisely why the default is/should be ONLY Mac App Store and Notarized Apps can be installed. If you bypass it, you're accepting responsibility for the consequences.

    I've never caught a virus/malware on any of my machines, neither macOS nor Windows because I'm paranoid as can be and I never got into the pirated software scene. Other than a modicum of open-source software that I've built from source, everything on my machines is from the App Store, Adobe or SetApp.
    Windows would like you to do the same thing, install apps only from the official Microsoft Store. In fact it will insistently warn you that the program you are installing may be unsafe when it was securely downloaded directly from a trusted software provider, advising you should not proceed and visit Microsoft instead.  If they could they'd force everyone to deal only with Apple and Microsoft and use only what they provided. Fortunately for us they can't without straying across antitrust lines. 
    The difference is Microsoft’s Store is garbage.
  • Reply 8 of 27

    dysamoria said:

    I wonder what infection rate would be if all Mac software had to be installed through the App Store...
    That is an untenable scenario. There are many practical cases of needing to be able to tell Mac OS “open anyway” in the security settings. Number one is developers. Number two is independent and/or open source software.
    .....
    I was thinking the same thing for devs.  But, how hard is it to issue keys to devs to unlock additional functionality...

    The safety of 99% of Mac install base should come before a minor inconvenience. Devs understand the risks, they’re unlikely to get tricked into installing malware, and if they do they’re almost guaranteed to have backups.
  • Reply 9 of 27
    DAalseth Posts: 1,817 member
    So @"appleinsider staff" I think this is a call for a comparison article of the best AntiMalware apps available in 2020. I've been using the same one for a few years and I'm suspecting it's time to update to something that blocks not just malware, but also ransomware, phishing, and several other nasty behaviors that weren't a thing a few years ago. Also as Avast was found to be scraping and selling user data, that might be something to check into as well. Yes I can look around the web and see what other sites are the best, but I'm more likely to trust AppleInsider than a lot of the other places I see on the web. You don't know who may be paying for favourable reviews with them. You are a site I'm more likely to trust.
  • Reply 10 of 27
    Rayz2016 Posts: 6,957 member
    DAalseth said:
    So @"appleinsider staff" I think this is a call for a comparison article of the best AntiMalware apps available in 2020. I've been using the same one for a few years and I'm suspecting it's time to update to something that blocks not just malware, but also ransomware, phishing, and several other nasty behaviors that weren't a thing a few years ago. Also as Avast was found to be scraping and selling user data, that might be something to check into as well. Yes I can look around the web and see what other sites are the best, but I'm more likely to trust AppleInsider than a lot of the other places I see on the web. You don't know who may be paying for favourable reviews with them. You are a site I'm more likely to trust.
    Look at the front page of AI without a content blocker. It’s a hot mess of ads and ‘reviews’ that seem a lot like ads. And given a few missteps (such as insisting that the Mac was going to run iOS apps) then I wouldn’t rely on them for anything too technical. Your best bet for reviews is Ars Technica.

    Good point about the data scraping.  The data for this article came from Malwarebytes, which presumably got the info by scraping data from Macs. I wonder what else they scraped?
  • Reply 11 of 27
    Most trusted names are secretly selling scanned data. Should I trust this to scan my PC for malware? How would I know if the malware scanner is not malware?
  • Reply 12 of 27
    Rayz2016 said:
    DAalseth said:
    So @"appleinsider staff" I think this is a call for a comparison article of the best AntiMalware apps available in 2020. I've been using the same one for a few years and I'm suspecting it's time to update to something that blocks not just malware, but also ransomware, phishing, and several other nasty behaviors that weren't a thing a few years ago. Also as Avast was found to be scraping and selling user data, that might be something to check into as well. Yes I can look around the web and see what other sites are the best, but I'm more likely to trust AppleInsider than a lot of the other places I see on the web. You don't know who may be paying for favourable reviews with them. You are a site I'm more likely to trust.
    Look at the front page of AI without a content blocker. It’s a hot mess of ads and ‘reviews’ that seem a lot like ads. And given a few missteps (such as insisting that the Mac was going to run iOS apps) then I wouldn’t rely on them for anything too technical. Your best bet for reviews is Ars Technica.

    Good point about the data scraping.  The data for this article came from Malwarebytes, which presumably got the info by scraping data from Macs. I wonder what else they scraped?
    Thanks @Rayz2016, I'll check out Ars Technica for other stuff too.
  • Reply 13 of 27
    seanj Posts: 265 member
    Of course Malwarebytes are going to say this, they sell anti-malware software for Macs FFS!!
    They're hardly going to say “little malware risk to Macs so no need to buy our software”.

    Doh!!!
  • Reply 14 of 27
    mcdave Posts: 1,831 member
    seanj said:
    Of course Malwarebytes are going to say this, they sell anti-malware software for Macs FFS!!
    They're hardly going to say “little malware risk to Macs so no need to buy our software”.

    Doh!!!
    And look at how they had to expand the malware category with not-that-malware to make the analysis work. Totally misleading.
  • Reply 15 of 27
    mcdave Posts: 1,831 member
    dysamoria said:

    I wonder what infection rate would be if all Mac software had to be installed through the App Store...
    That is an untenable scenario. There are many practical cases of needing to be able to tell Mac OS “open anyway” in the security settings. Number one is developers. Number two is independent and/or open source software.
    No excuse. Free software can be deployed freely on the Mac App Store as long as it interacts legitimately with MacOS and there’s no excuse to release unsigned software. The ‘power’ of Open Source is the power to fail.
  • Reply 16 of 27
    danvm Posts: 1,179 member
    gatorguy said:
    I wonder what infection rate would be if all Mac software had to be installed through the App Store...
    That's precisely why the default is/should be ONLY Mac App Store and Notarized Apps can be installed. If you bypass it, you're accepting responsibility for the consequences.

    I've never caught a virus/malware on any of my machines, neither macOS nor Windows because I'm paranoid as can be and I never got into the pirated software scene. Other than a modicum of open-source software that I've built from source, everything on my machines is from the App Store, Adobe or SetApp.
    Windows would like you to do the same thing, install apps only from the official Microsoft Store. In fact it will insistently warn you that the program you are installing may be unsafe when it was securely downloaded directly from a trusted software provider, advising you should not proceed and visit Microsoft instead.  If they could they'd force everyone to deal only with Apple and Microsoft and use only what they provided. Fortunately for us they can't without straying across antitrust lines. 
    The difference is Microsoft’s Store is garbage.
    Too bad that the macOS App Store is not that good either, and may be even worse than the Microsoft App Store.

    Still, would be the best for users in both environments if only they had access to applications from their respective app stores.  
  • Reply 17 of 27
    The article is a bit misleading: Further down in the article it points out that Macs fall far below Windows machines in serious threats - rather than non-malicious stuff like ad trackers and such. Big Difference!
  • Reply 18 of 27
    dewme Posts: 3,950 member
    I wonder what infection rate would be if all Mac software had to be installed through the App Store...
    There are several apps that I need to use that simply are not available via the App Store, e.g., web browsers other than Safari, XMind, Visual Studio, and until recently Office 365. I admit that having Apple as a last line of defense would give me a warm & fuzzy but you should always consider the source when downloading directly from the web. 
  • Reply 19 of 27
    I wonder what infection rate would be if all Mac software had to be installed through the App Store...
    That's precisely why the default is/should be ONLY Mac App Store and Notarized Apps can be installed. If you bypass it, you're accepting responsibility for the consequences.

    I've never caught a virus/malware on any of my machines, neither macOS nor Windows because I'm paranoid as can be and I never got into the pirated software scene. Other than a modicum of open-source software that I've built from source, everything on my machines is from the App Store, Adobe or SetApp.
    Will never happen - it's the owner's responsibility to be aware of what they are installing and to take the needed precautions to protect themselves. Apple already takes advantage of app developers because the app store is the only place for users to get apps for their iPhone outside of jailbreaking which goes back to my first point around owner responsibility. If Apple had 100% control over all 3rd party software installs it would undoubtedly be abused.
  • Reply 20 of 27
    spice-boy Posts: 1,445 member
    Maybe Apple needs to re-design that castle or fortress icon, you know something taller with a moat and some alligators? Sorry that design is already being used on the border with Mexico.