Many Apple owners believe their Macbooks and iMacs are immune to viruses. Apple itself has run ad campaigns promising its computers “don’t get viruses”. And those who have owned a Mac computer for years, decades even, are particularly prone to believing. After all, nothing’s happened to them yet. Regrettably, Macs do get viruses, and the threat is growing.
For a long time, the argument was that cybercriminals didn’t bother to develop Mac viruses. There weren’t enough users to justify the effort. Instead, they’d focus on the lower hanging fruit – computers running Windows. And yes, this is true. It's easier to develop malware for Windows and the "target audience" is far larger.
Yet Apple’s market share is on the rise, and it’s increasingly common to see Macs at home, especially in affluent households. Various estimates put Apple market share at around 10 to 12%.
Plus, there’s a widespread assumption that Mac users are a smart target as they are likely to be better off. So, while Macs remain harder to infect (installing most software requires a password), there’s often a greater payoff.
The research reflects reality. In 2017, for instance, the iPhone OS and Mac OS X placed #3 and #6 in CVE Details’ top 50 ranked by total number of distinct vulnerabilities. Apple TV and Safari also made the list at #17 and #18, respectively.
In 2017, Malwarebytes also reported it “saw more Mac malware in 2017 than in any previous year”. By the end of 2017, the cybersecurity firm had counted 270% more unique threats on the Mac platform than in 2016. Two years later, the numbers are still on the rise and don't seem to slow down!
Finding Apple’s Weak Spots
It’s obvious then that bad actors are no longer steering clear. They are actively looking for ways to exploit Macs.
A common approach is to use Trojans. Named after a gift wooden horse that hid an army, Trojans look like something you would want to install. So, Mac users happily enter their passwords to download that application and open the gates to the cybercriminal.
In 2011, for instance, a Trojan called “Mac Defender” took advantage of people’s desire to protect their computers. The fake program appeared to be anti-virus software. Once the users installed it, they’d get an onslaught of pop-up ads encouraging them to buy more fake software.
Trojans get through the gates because you let your guard down. You feel like your computer is a bit slow and here it is, a magic program that can fix everything! What could go wrong? All it takes to stop this type of attack is suspicion of everything you might install or download.
Another common way of getting infected is by clicking on ads or links in emails, especially if they are from strangers. Even if a message appears to have been sent by your friend, his or her computer might have been infected! Prevention is always easier than the cure.
- click on emails with care;
- validate the source of any files you plan to open;
- check website’s URL (being especially wary of those with less common endings such as .cc or .co);
- questioning any promises of Ray-Ban sunglasses for 90% off or the latest iPhone for $29.99.
- If in doubt, leave it alone and don't touch!
A new threat comes from within the Mac App Store, according to Thomas Reed, a Mac security researcher. When a user tries to install an app on a Mac, a Mac OS program called Gatekeeper checks the file’s code signature. The signature helps certify the app is valid.
However, Reed found that cybercriminals could buy a legitimate certificate from Apple, or steal one and trick users. Users would install masked malware that could infect legitimate programs and evade detection.
Malicious Browser Extensions
The major source of malware threats for most Apple users is actually browser extensions, especially if you use Google Chrome or Mozilla Firefox. Most of them are relatively harmless and just annoy you with ads and popups.
Some are more dangerous and can intercept the links you click on to redirect you to different places, with even more ads, upsells, or more dangerous malware waiting to be downloaded.
Spyware is one of the worst. Everything you are typing in your browser can be sent to 3rd parties and then used against you. They can steal your personal data, including financial details and passwords, and web pages you have visited.
Key Takeaway
Apple is always working to protect its users from malware. It has measures in place, and user caution can make a big difference, too. Still, it’s not true that Macs are completely safe.
Find out what you can do to protect your Macs and guard against threats. Not only we can install an antivirus to protect your Mac, but also add malicious content filtering, ads blocker, and make sure your MacOS is up-to-date!