The recent State of Malware report by Malwarebytes reveals some interesting statistics. One which caught my eye was the fact that cybersecurity threats to Apple Macs have increased more than 400% from 2018.
In the report, Malwarebytes say they identified an average of 11 threats per Mac, which was double that seen on Windows devices (5.8 threats on average).
Furthermore, cybercriminals have been able to target Macs more aggressively because Apple's built-in security has not cracked down on "adware and PUPs (Potentially Unwanted Programs) to the same degree that they have malware," making it easier for malicious software to infiltrate computers with Mac operating systems.
It has always been a commonly held belief that Macs were safer to use than PCs, but I believe that this is/was due to a number of factors:
- Macs have always been a more closed system than Windows.
- Mac OS doesn’t have to compensate for multiple vendors (hardware and software) like Windows does.
- Macs were never as popular as Windows-based PCs.
Apple have been a major lifestyle vendor for many years now, and that success has seen them sell billions of devices worldwide. That success is a driving factor in the rise of threats for Mac users.
Criminals will target anything they feel will reap rewards, and Apple devices are now seen as a lucrative avenue. Statistics from Gartner show Mac sales reached 5.2m in Q4 2019, giving Apple a 7.5% share in global PC sales, behind Lenovo, HP and Dell.
The top 2 malware seen by Malwarebytes are PCVARK and Adware.NewTab.
PCVARK is a generic name for "system optimisers" or "junk-cleaners" that claim to make your system faster. This threat was only number 31 on the list in 2018 but now sits at number 2.
The name is taken from the company who has been responsible for the production and distribution of various PUPs over the last few years. One such tool is Similar Photo Cleaner.
PCVARK accounted for around 25m malware attacks on Macs last year.
Adware.NewTab browser extentions
At the top of the list was Adware.NewTab, which accounted for nearly 30m attacks in 2019. Adware.NewTab is a browser extension that pretends to be a tracker for packages or flights, but offers advertisements not originating from the sites you are browsing.
As with Similar Photo Cleaner, this threat is one which the user must agree to install. Mac OS does not allow for any unsigned apps to be installed without user permission.
But... it looks legit!
It’s quite easy for users to be tricked into installing such applications. A quick Google search for Duplicates Cleaner (another PCVARK utility) returns a long list of websites that say how good the tool is, and that they highly recommend people use it.
On the Apple Mac app store, Duplicates Cleaner gets a score of 4.6/5.
Anyone looking for such an app would be hard-pressed to smell anything fishy going on with so many people reviewing the tool and remarking on how good it is – are these reviews fake, or just posted by those who were also caught out by the scam?
Once thing is certain: people still need to be very much on guard when it comes to installing software, extensions or add-ons.
At QA, we deliver many cyber courses aimed at keeping you and your systems safe from cyber threats.
After leaving a career as a Mechanical and Electrical Engineer in 1998, Mark started out with a fresh career as an IT trainer. Spending the first few years as an applications trainer, Mark excelled in delivering Microsoft Office and Adobe products. In-line with his background as an Engineer, Mark soon shifted focus to more technical deliveries, including hardware and networking topics; a field he has remained in ever since. As a natural progression of his career saw Mark start to explore the security aspect of his existing competencies and since 2005 has specialised in the Cyber Security domain. Mark has been the author of a number of QA Cyber Security courses and was the design authority and author of the 2017 NCSC Cyber First Academy. Mark is a C|EH and is currently undergoing the process of becoming an NCSC Certified Cyber Professional.
More articles by Mark
How random is random?
Sometimes an attack might be right in front of your eyes!
Who you gonna call?
Denial of Service attack for iOS devices
Safer Internet Day 2019
The Invisible Attack