Mac Attackers Remain Focused Mainly on Adware, Fooling Users

Despite reports that Macs have encountered more threats than Windows systems, the platform still sees far fewer exploits and malware - including ransomware.

The year 2020 kicked off with reports that Mac cyber threats had taken off, with machines encountering twice as many threats as Windows systems. But as the year came to a close, the average user of the Mac OS continued to see fewer malware and ransomware threats than Windows users, security experts say.
In February of 2020, endpoint security firm Malwarebytes reported that its Mac users encountered about twice as many threats as Windows users. Those threats, however, consisted mainly of potentially unwanted programs (PUPs) and adware, not malware.
While the data for the entire year has not been fully analyzed, the trend seems likely to continue, says Thomas Reed, director of Mac and mobile for Malwarebytes.
On Windows, we have all sorts of exploits that happen—it is a much more common thing on the Windows side to, say, visit a website and suddenly your machine is infected, he says. That really does not happen on the Mac OS.
Apple has typically benefited from its minority marketshare among desktop and laptop systems as well as a more tightly controlled ecosystem. Binaries typically must come from either the Apple App Store or a recognized developer, for example, to avoid requiring the user to specifically allow the program to install, a feature more restrictive than the AppLocker policy on Microsoft Windows.
Not Immune, Though
However, Apples operating systems—both Mac OS and iOS—are certainly not immune to attacks.
A recent report by The Citizen Lab at the University of Toronto underscored that
the commercial sale of zero-click exploits in iMessages
, for example, continues to allow governments to buy access to target dissidents. Now, malware families that have previously only targeted Windows, and sometimes Linux, are also being ported to target Macs, says Ian Davis, a senior threat researcher at BlackBerry.
Historically MacOS threats mainly centered around adware and trojanized downloaders of well-known software, he says. While these less-than-lethal families are still the majority of encountered samples, advanced attacks and toolsets are now being developed and deployed along with their counterparts for Windows and Linux.
Overall, the sophistication of MacOS threats is increasing, the two researchers say. Previously encountered families on Windows or Linux are also now targeting MacOS systems. In 2020, the community saw increased cases of ransomware, botnet campaigns, and information-stealing backdoors in MacOS environments.
Mac User = The Vulnerability
While at least a quarter of the threats encountered by Windows systems are malware, less than 1% of those encountered by Mac systems are considered malware, Malwarebytes
stated in its February report
. Instead, attackers targeting the Mac look to fool the user into taking the necessary steps to allow malware to run.
The tactics underscore that the user has become the most significant vector for running dangerous code on systems, and so companies should make sure to train Mac users to be more aware of security threats, says Blackberrys Davis.
Users should exercise caution downloading or running software from untrusted sources and granting any added permissions, regardless of their chosen operating system or architecture, he says. Threats continue to largely rely on users running the executable and/or granting administrator rights during execution rather than making use of exploits to escalate privileges and obtain persistence.
An interesting side effect of Apples focus on tools to strengthen user privacy is that attackers are often blocked from accessing data on Macs, notes Malwarebytes Reed. An attacker that wants to access to the users address book, for example, will need to gain specific rights—an action that gives the user another attempt to recognize an attack.
Because of some of the privacy protections that apple is putting in place, in order to do that, I have to figure out a way to trick the user into giving me access into all the protected data locations on the system, such as Calendars, Addresses, he says.
Mac OS is far from invulnerable when it comes to the attackers perspective, says Malwarebytes Reed. I am always telling people at conferences—somewhat facetiously—that Im disappointed in what some of the Mac malware does, (but) as long as you know that your target will fall for what you are doing, then why bother with something sophisticated.
Meanwhile, attackers overall are upping their game, and those developing malware for Macs are continuing to incorporate tactics pioneered by malware families on Windows and Linux, BlackBerrys Davis notes.
The old adage that MacOS is not susceptible to malware is far from the truth and the gap between Windows and MacOS threats is closing, he says.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Mac Attackers Remain Focused Mainly on Adware, Fooling Users