Mac Threats Are on the Rise

The Computer ShopComputers, Security & Privacy

Cybercriminals are targeting Mac devices at an alarming rate. Find out why the rate is increasing and the types of threats Mac users face.

In the past, Mac devices have largely been out of cybercriminals’ crosshairs. While hackers occasionally launched malware attacks against Mac machines, they targeted Windows devices much more often. But this is no longer the case.

For the first time, cyberthreats targeting Mac devices have outpaced those targeting Windows machines. In 2018, there was an average of 4.8 threats detected per Mac endpoint. In 2019, the average soared to 11 threats per Mac endpoint — almost double the average of 5.8 threats per Windows endpoint, according to Malwarebytes Labs’ “2020 State of Malware Report“.

This dramatic increase in threats is partly due to the fact that Mac’s market share increased in 2019. The more popular a software program becomes, the more attractive it is to cybercriminals. Another factor attributing to the rise in threats is Apple’s failure to adequately deal with adware and potentially unwanted programs (PUPs). Apple has not cracked down on adware and PUPs to the same degree it has cracked down on other types of malware, according to the “2020 State of Malware Report”. This has left the door open for these programs to infiltrate Mac devices.

 

Adware and PUPs Are Mac’s Achilles Heel

Adware and PUPs are the main types of malware seen on Mac devices. Adware is the name given to hidden programs that display ads. These programs sometimes perform other malicious actions, such as redirecting search requests to advertising websites, covertly monitoring a user’s online behavior, and changing a web browser’s homepage without the user’s permission. Adware typically gets on devices when people download freeware or shareware. It can also be installed when someone visits an infected website.

PUPs are programs that people do not want, despite the fact that they consented to their installation. They are often bundled with applications that the users actually want. For example, a desired app might include an unrelated web browser toolbar or trial software for a different program. Information about the PUPs being installed is often hidden in long license agreements, or it is briefly mentioned when the desired software is being installed.

Once installed, PUPs commonly display popup ads or dialog boxes trying to get users to perform an action, such as purchasing the program promoted by the trial software. Besides being annoying, PUPs can lead to other problems, such as applications freezing. They also take up valuable disk space.

According to the “2020 State of Malware Report”, a family of adware referred to as NewTab and a family of PUPs known as PCVARK are the top two threats to Mac devices. NewTab redirects web searches to specific sites to generate illicit ad revenue. The adware is typically spread through fake flight-tracking, package-tracking, and online-mapping web pages. PCVARK programs are supposedly system optimizers for MacOS systems. These PUPs try to convince users that their Mac devices have problems that can only be resolved by purchasing the software.

Both NewTab and PCVARK were detected on Mac machines more than 25 million times in 2019. These two threats were even high up on Malwarebytes Labs’ overall threat list, which looks at threats across all platforms. NewTab and PCVARK were in the No. 2 and No. 3 spots, respectively. This is the first time Mac threats were near the top of this list.

 

What You Can Do to Protect Your Mac Devices

Although adware and PUPs are not considered as dangerous as more traditional types of malware (e.g., ransomware), they can be detrimental. Besides being annoying, they can slow down your device, collect personal information about you, consume your machine’s resources, and more. As a result, it is a good idea to try to prevent adware and PUPs from getting on your device. Here are some actions you might consider taking:

  • Install apps from only trusted sites, such as Apple’s App Store.
  • Research an app before you install it, even if you are downloading it from the App Store. For example, read reviews of the app to see if anyone mentions having any suspicious experiences after installing it.
  • Read through licensing agreements carefully to make sure PUPs are not included.
  • Do not blindly accept a “standard”, “express”, or “default” installation, as it might include PUPs. Take the time to read through the install wizard’s instructions and notes.
  • Avoid visiting questionable websites. They might install adware on your Mac device.
  • Use security software. It can find and remove adware and PUPs that have snuck on to your machine. In some cases, it can even prevent their installation.
  • Resist the urge to enable web content that has been blocked by your security software or web browser.

If you think that your Mac device might already have adware or a PUP on it, we can investigate and remove it if found.

Night Light flickr photo by Phing. shared under a Creative Commons (BY-SA) license