The spread of malicious software on Macs seems to be on the decline again: the AV manufacturer Malwarebytes recorded almost 40 percent fewer malware threats among Mac customers in 2020 than at the peak in 2019. In particular, the “detections” made by the AV tool on end customer Macs “have fallen significantly, but in contrast to Macs in corporate use have increased by a good 30 percent.
Hardly any classic malware
The proportion of classic malware such as data and cryptocurrency thieves and back doors is also increasing on Macs, but only makes up the small part of 1.5 percent of all detections. The remaining 98 percent are reported to be potentially unwanted software (“Potentially Unwanted Programs” – PUPs) with a share of 76 percent and adware (22 percent). This type of malware was mainly recorded in the record Mac malware year 2019.
The Mac adware is behaving more and more cleverly, write the security researchers in their State of Malware 2021 Report, there are variants that try to access the admin password, browser extensions are installed using synthetic clicks and, in some cases, the rights management of the operating system should be modified. At the same time, Malwarebytes warned again that Apple is now also granting disreputable software special permissions so that it can no longer be deleted from Macs by other AV tools. Last year, Apple also caused a stir that Apple certified adware several times, so that users were not warned during installation – until Apple withdrew the certificate used by the provider.
The most unusual Mac malware in 2020 was ThiefQuest, the AV manufacturer sums up. The malware was packaged as installers of cracked versions of popular Mac tools that were delivered as torrent files and initially looked like classic ransomware, but actually embedded itself deep in the operating system and tried to extract as much user data as possible and transfer it to a server. Malware designed for general instead of targeted attacks continued to exist on the Mac in a very limited form.