Chester Wisniewski, Sophos senior security adviser and principal research scientist, said, "The opportunistic malware problem on Macs is definitely increasing."
Unlike Windows, which has hundreds of millions of pirated copies that aren’t getting updates, there is less of that in the Mac world. Wisniewski said, "Apple makes it easy to keep up to date."
Mac threat ignored
Still, the Mac threat has been largely ignored for a long time, though Mac users are starting to understand the need for more protection.
On the truly malicious side, there has been an uptick in password-stealing areas. "Mac Trojans that try to take your keychain to access corporate credentials, any and all credentials stored in the back keychain. It's an opportunistic publicly known malware against Macs," said Wisniewski.
"The Apple-specific malware is very different from what we see in the Windows world. There is very little ransomware. There was KeRanger ransomware for Mac, but that wasn’t very widespread. The vast majority of what we see are potentially unwanted applications (PUAs)," Wisniewski said.
Thomas Reed, director of Mac offerings at Malwarebytes, agreed that the biggest threat to Macs is with the unwanted applications. "In my eyes, there are three different categories. Malware, which is outright malicious. Adware, which is more scamming, less ethical, and the potentially unwanted programs (PUPs), which are not detected as malicious but nonetheless things you don’t want."
Even though Mac malware totaled only seven different malware families last year, which Reed said is on par with previous years, there has been a big explosion in adware and PUPs.
"There has been a lot of adware mostly belonging to Ironcore, Cross Rider, MacKeeper, and Advanced Mac Cleaner. These also affect machines in the Windows world," Reed said.
While malware is the most harmful, adware is more of a scam toward the advertisers. "They get paid by advertising companies for putting ads in the user's face. Injecting them into websites or replacing ads or redirecting the user to different search engines," Reed said.
On the surface, these are not really harmful to the user or computer, but they can open up security holes. "They can create security vulnerabilities. A few years ago, there was a vulnerability in MacKeeper where they could create a custom URL so that if the user clicked it would open the URL in MacKeeper and run custom code in that URL. After that vulnerability was discovered it was being used to deliver malware onto Macs," Reed said.
"Mac is not significantly or implicitly more secure," said Reed. "It has good security features, but it is not bulletproof. It's more security by obscurity. Most are targeting Windows where the big money is. The numbers really are a problem for Windows, but Macs are not bulletproof."