Firstly, let's go through what is Malware. Software that is intended to damage or abuse computer systems and networks is known as malware. The term "malware" is broad and covers a variety of malicious software, including viruses, worms, trojan horses, ransomware, adware, spyware, and other harmful programs.
Malware can be used to display unwelcome adverts, encrypt data and demand payment for decryption, hijack a computer system, steal sensitive information, including usernames, passwords, and credit card numbers, or destroy system files and software. Malware is often spread by means of rogue websites, software downloads, or email attachments.
Don't Macs get viruses?
“Macs don’t get viruses” is something anyone who knows an iMac user heard, and until recently, this statement was more or less true. Windows had more threats, and most malware was designed to infect Windows systems. This has been the trend since the two platforms were first compared.
Despite Apple’s best efforts, Mac malware does exist; we describe some cases below. However, before you panic, Mac malware and viruses are very rarely found “in the wild”.
From time to time you will hear of big profile trojans, malware, and ransomware that is targeting the Windows world, very rarely is this a threat to Macs. For example, the worldwide WannaCry/WannaCrypt ransomware attack that hit back in May 2017 was only targeting Windows machines and therefore no threat to Macs.
Throughout 2019, however, this has changed. Malwarebytes reported over a 400% increase in Mac malware detection. For the first time, not only did Mac overtake Windows in the number of detected threats, but it also did it by a 2:1 ratio.
This information, however, should be taken with a grain of salt, as Malwarebytes is a malware detection and removal tool. The aforementioned statistics only include threats that are detectable by Malwarebytes software and thus only encompass Mac users who have the software installed on their system. Therefore there is a much higher chance that most of their users already have malware present, as many Mac users do not install antivirus software until they see signs of their computers being infected.
Most typical Mac malware
Macs are not immune to malware, despite receiving less of it than Windows. According to Malwarebytes, adware was the most frequently found infection on macOS in 2022. One piece of adware named OSX accounted for 10% of all detections on Mac.
The company regards Genio as the "worst." Although it is categorized as adware, the report states that it exhibits malware-like behavior to "dig farther into the machines it's placed on, penetrating defenses and compromising security to make itself incredibly tough to remove."
Malware on Macs in 2022
October 20, 2022. What: Gives the target system a backdoor. attacking a flaw in a third-party Unix tool. As pkexec is rarely encountered on Macs, this is a very specialized target.
August 20, 2022. What: Computer viruses posing as job postings. Who: Users of Crypto.com and Coinbase.
Once, in July 2022. What: A VPN application that contains the malicious binaries "softwareupdated" and "covid".
Once, in July 2022. What: A spyware downloader that utilizes open-source cloud storage platforms like Yandex Disk, Dropbox, and pCloud. exploited CVE-2020-9934, which was fixed in August 2020 for macOS Catalina 10.5.6.
May 20, 2022. What: Attack on the supply chain using keylogging, screen capture, and remote file retrieval. Who: The Rust development community was the target.
May 20, 2022. What: The intention was for people to download malware rather than authentic Pykafka accidentally. Who: PyPI registry is the target.
April 20, 2022. What: Delivered using a disk image that appears to be a set of Bitget apps. Who: Websites that cater to gamblers.
March 20, 2022. What: A CorelDraw file that was made available for download and stored on a Google Drive. Who: Protest organizations throughout Asia.
When: January 2022. What: Included code for searching and writing files, dumping the keychain, running a remote desktop and more.
When: January 2022. What: Chrome browser extension that could steal information, hijack the search engine queries, and serve adware.
What Consumer Threats are Out There?
There are no Mac viruses; hence Mac users are frequently assured they don't need antivirus software. This is untrue, though, as Macs are vulnerable to viruses and have been for the whole of their life. Elk Cloner, the first well-known virus, only attacked Macintosh computers instead of MS-DOS machines. 2018 saw an evolution in Mac malware, with increased attacks against these supposedly impenetrable machines.
Although there has been a steady decline in the number of systems infected by traditional malware, such as Trojans and Backdoors, a new danger is on the horizon. As it was in 2018, adware is once again the dominant threat to consumers. Here is the breakdown of the top 10 categories of detected malware in 2019 (also taken from Malwarebytes’ annual report).
Generally, Adware detection on consumer devices increased by 13 percent from last year, much better than the 463 percent increase for businesses. Seven of the 10 top consumer threat families were adware variants, and five of the top 10 business threat families. The volume of global threats against business endpoints has also increased by 13 percent from last year.
It’s Not All Gloom and Doom
Of all the threats analyzed [by Malwarebytes] this year, only one incident included tricking the user into installing and opening something that should not be opened. Being more vigilant with what you download from the internet and double-checking the trustworthiness of software distributors is one way to possibly never face any issue with these threats.
Even better news, most of the detected consumer threats fall under adware and PUPs (i.e., Potentially Unwanted Programs) and thus are considered less dangerous than traditional malware. Therefore they are much less likely to cause significant damage to a user’s system.
Do you value your privacy online?
Use VPN Surf and surf safely and securely in the open waters of the internet.