Malwarebytes finds that more malware for Macs appeared this year than ever before
Earlier in May, the popular macOS video transcoding app HandBrake was compromised. One of the two download servers for the open-source program was hacked, and it served a malware-infected version of the app for about three days. Anyone who downloaded and launched the infected version would have a remote access tool quietly installed on their Mac, giving attackers remote control of their computer.
According to information-security firm Malwarebytes, this is just one of a growing number of malware targeting the Mac. Its latest report claims that more new malware families have surfaced in 2017 than in any other previous year in Mac history — which would be alarming, because a threat analysis report by McAfee showed that malware for the Mac already grew by 744% in 2016.
“We’ve always been told that Macs don’t get viruses,” Thomas Reed, director of Mac and mobile for Malwarebytes, told me. “And people are starting to realize that’s not actually true. Macs are becoming increasingly more popular, so more of them are often in the hands of people, like CEOs of corporations and others. That makes the Mac an increasingly desirable target.”
Most people think of malicious software as ‘viruses,’ but the term ‘malware’ encompasses all malicious software, including viruses, ransomware, spyware and the like. “The vast majority of threats are on the Mac are trojans,” Reed said. “They’re programs that you trick the user into running, and a good example of that is what happened with Handbrake.”
Watch out for PUPs (not the cute kind)
The latest version of Malwarebytes for Mac is supposed to protect against attacks like the one executed with Handbrake, using a real-time anti-malware protection scanner that’s available with the premium version (there is a free version of Malwarebytes for Mac which doesn’t have real-time protection, but is able to scan for and clean malware).
But Malwarebytes believes that threats against Mac owners don’t just come from third-party app downloads, but also from within the official Mac App Store — a class of malware they call Potentially Unwanted Programs (PUPs).
“PUPs are usually programs that try to scam the user into purchasing, and they don’t offer any actual functionality or anything that’s worthwhile,” Reed said. “One good example of that, and there are a lot of these right now in the Mac App Store, are fake anti-virus apps — a couple of them in the Store go by the name ‘anti-virus Thor.’ So the thing that really makes Malwarebytes stand out is that we have a very aggressive stance against PUPs in particular.”
According to Malwarebytes’ tests using malware samples, these apps don’t do what they advertise. They might come with an anti-virus engine, but they don’t actually detect any Mac malware.
But while it’s may be true that the Mac faced a larger number of malware threats this year, the WannaCry malware, arguably the biggest attack of the year, targeted Windows computers. The Mac now has nearly 100 million active users, but Windows still dominates with more 400 million active users of Windows 10, which still makes it a more lucrative target.
And even though guarding against malware attacks is essential, many victims these days get their login credentials stolen not through downloading software, but through phishing — clicking on a malicious link in an email that’s pretending to be a legitimate site. US presidential candidate Hillary Clinton’s campaign was hacked through such a method, and because phishing attacks come through email, it can affect anyone, regardless of which OS they use.
Some anti-virus programs will actively block known phishing sites, but Malwarebytes for Mac doesn’t have that feature yet. “Malwarebytes handles phishing on Windows with web protection that blocks phishing websites,“ Reed said. “We don’t have that functionality on the Mac yet, but that will be coming in the future.”
Security tips for Mac owners
With more malware than ever before targeting the macOS, what can a Mac owner do to keep his or her personal data safe?
“The first thing I will do is not install too much stuff. Especially when it comes to browser extensions — those are a constant source of problems. So only install the things you really need. Then the other thing I do is that I always have a good VPN, and you don’t want to use any of the free ones. That will keep your browsing secure when you’re on public Wi-Fi. And obviously, I install Malwarebytes on my computers, all of them.” – Thomas Reed, director of Mac and mobile for Malwarebytes
Read Next: 6 ways people like you are getting hacked
Explore Next: The evolution of ransomware – past, present and future