18 February 2020

MacOS MalwareMacs were in the news again this week as Malwarebytes released a report claiming that for the first time ever, malware on Macs outpaced that of Windows-based PCs in 2019.

It sounds like a total nightmare for Apple users!

But hang on a sec… Malwarebytes released the report, and they have been promoting their Mac version of their anti-malware software recently.

So, what’s the real deal here?

The Malwarebytes Report

You can read the PDF report yourself here.

It turns out that the Malwarebytes report is pretty honest. For example:

We saw a significant rise in the overall prevalence of Mac threats in 2019, with an increase of over 400 percent from 2018. However, since you could argue—validly—that part of this was due to a corresponding increase in the total number of Mac endpoints running Malwarebytes software, it’s more interesting to look at the change in the number of detections per endpoint. Mac detections per endpoint increased from 4.8 in 2018 to a whopping 11.0 in 2019, a figure that is nearly double the same statistic for Windows.

This means that the average number of threats detected on a Mac is not only on the rise, but has surpassed Windows—by a great deal. This is likely because, with increasing market share in 2019, Macs became more attractive targets to cybercriminals. In addition, macOS’ built-in security systems have not cracked down on adware and PUPs to the same degree that they have malware, leaving the door open for these borderline programs to infiltrate.

[…]

Macs differ drastically from Windows in terms of the types of threats seen. Where we found several different categories and families in our top detections of Windows threats that classify as traditional malware , especially those aimed at businesses, most Mac threats, and certainly the most prevalent ones of 2019, are families of adware and potentially unwanted programs (PUPs).

The most common Mac malware family, OSX.Generic. Suspicious, fell well down the list at 30th place in Macspecific detections, and hundreds of spots down on a cross-platform threat list.

Now, what that means is that yes, more malware was detected on Macs. And the number of baddies per end user gizmo went up, and was almost double the number detected on Windows machines.

BUT, the stuff that was detected was “wimpy malware” – adware and PUPs (potentially unwanted programs).

If you read further in the report, it also becomes clear that just because adware and PUPs are “wimpy” doesn’t mean that they aren’t a real threat.

Some of this type of light malware isn’t so light after all, and can be used to do some pretty evil stuff. So, it’s still bad… It just doesn’t usually result in the same amount of mayhem as full-blown, high-powered malware like ransomware and that type of thing.

But hang on a minute…

If you’re thinking, “Well, yeah, but there’s a ton of that ‘light’ stuff on Windows that has been used for years to decry the security of Windows-based PCs even though it’s not Full Evil Malware!”

And… you’d be absolutely correct!

The above report also mentions an increasing prevalence of malware that targets businesses and organizations in recent years.

So we see that yes, detections are up on Macs, but it’s not all super-evil stuff, that stuff can still do bad things, and consumers are a bit less of a target than before.

In other words, yes, you should have anti-malware protection on your Mac given these results – just as you should use anti-malware software on your Windows PC, Linux PC, Android device, iPhone, or whatever else you use.

It’s just good plain common sense!

Okay, but what do other experts say?

Good question! To find out, I visited AV-Test.org, a German institute that tracks malware and tests anti-malware software.

On their AVTest Statistics Page, you can see all kinds of interesting graphs, including the following:

total_distribution_10-years_en
Here we see that since 2011, the total number of known, existing malware has skyrocketed. In 2020 so far alone, over 22 million new bits of malware have been uncovered!

macos_malware_10years_distribution_halfwidth_en
The chart above shows that there was a spike in malware detected on MacOS in 2015, then a lull in new detections in 2016, another little surge in 2017, and then a HUGE spike in 2018. 2019 also saw 59,405 detections, which is definitely noteworthy. But what about Windows?

windows_malware_10years_distribution_halfwidth_en
For Windows, we see a steady overall increase, again with a spike in 2015 and another spike in 2019. Note that the number of detections in 2019 was more than 89 million!!

Compared to the 59,405 for MacOS in the same year, it seems like that’s not such a big deal for Mac users after all.

Of course, this is where it gets hairy. Darn near every Windows user has malware protection, but not so on MacOS-based machines. That’s why the Malwarebytes report uses “detections per endpoint”. In other words, for those users who had Malwarebytes installed, how many puters detected how many threats on both Mac and Windows?

So, while there is less malware out there for Macs, it does appear that the number of threats detected on your average Mac is now higher than the average number of threats detected on a Windows machine.

Even though those Mac threats are “wimpy” ones, they are still threats for which most Windows users already have protection. To top it all off, it does appear that Macs are being heavily targeted – perhaps due to the perception that they have always been and will always be safer than a Windows-based PC.

Finally, for good measure, how’s Android malware doing these days?

android_malware_10years_distribution_halfwidth_en
It appears that there was a big surge in 2016, 2017, and 2018, but a drop-off in 2019. We’ll see how it goes in 2020!

So there you have it

Yes, there is malware on Macs, and yes, it does appear that it’s a very good idea to use anti-malware protection on your Mac.

Malwarebytes is an excellent choice on Windows PCs, and I imagine the Mac version is every bit as good although I have never personally used it since I don’t own any Macs.

Heck, I even use antivirus software on my Linux machines! Like I said, it’s just good old fashioned common sense.

Get Scottie Stuff!
Mac malware surged in 2019 – true or false?
Tagged on:                         

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.