Mac-based security threats outpacing Windows

Organisations running Mac-based systems are increasingly at risk of compromise, with the volume of threats targeting the environment now growing more rapidly than those targeting Windows, according to Malwarebytes’ latest annual State of malware report, which has just been released.

Over the course of 2019 – besides overarching trends such as an increased focus on targeted attacks, the resurgence of threats such as Emotet and TrickBot, and the emergence of new ransomware families such as Ryuk and Sodinokibi – Malwarebytes said it saw nearly twice as many Mac threats detected per endpoint as Windows ones.

It claimed to have seen 11 threats per Mac endpoint on average, compared with 5.8 threats per Windows endpoint, with overall Mac threats up four-fold year on year, although it did concede that a small part of the rise would have been down to growth in its Mac user base.

“A rise in pre-installed malware, adware and multi-vector attacks signals that threat actors are becoming more creative and increasingly persistent with their campaigns,” said Marcin Kleczynski, CEO of Malwarebytes.

“It is imperative that, as an industry, we continue to raise the bar in defending against these sophisticated attacks, actively protecting both users and businesses by flagging and blocking all programs that may violate their privacy, infect their devices, or even turn the infrastructure they depend on against them.”

Malwarebytes said the growth in Mac threats showed how the Apple platform is becoming a more attractive target for cyber criminals, helped by the fact that macOS’s in-built security systems have not cracked down on adware and so-called pups (potentially unwanted programmes) to the same degree as they have with more traditional malware. Indeed, both adware and pups seemed to be the most prevalent threats against Mac users.

Adware threats were also particularly problematic for users of Windows and Android devices, using increasingly aggressive techniques to get eyeballs on advertisements, including hijacking browsers, redirecting web traffic, and making themselves very hard to uninstall.

Other key trends observed by Malwarebytes included: a 13% rise in global business threats, with the services sector now the most targeted area, leapfrogging education and retail; 52% growth in TrickBot detections; a major uptick in ransomware, particularly of newly emerging variants; and growth in the use of credit card skimmers or Magecart.

“Adware inundated consumer and business users on all platforms and in all regions,” it said. “Exploit kits, malvertising campaigns and web skimmers threatened browsers. Consumers and lawmakers worried about the safety of their PII [personally identifiable information] and other data. There was no oasis where users could escape from cyber crime in the 2019 threat landscape.”

Malwarebytes made six key predictions for the year ahead: ransomware attacks will ramp up in volume thanks to a diversification in attack vectors, such as exploit kits, botnets, hacking tools and manual infections; web skimmers will broaden their impact by targeting e-commerce platforms and third-party plug-ins; the use of exploit kits and zero days will pivot to Chrome and Chromium-based browsers; hybrid attacks using multi-stage payloads will increase; concerns over the use of biometric data and facial recognition will escalate; and the US presidential election will almost certainly be subject to misinformation and possible compromise.