This article is more than 1 year old

B-but it doesn't get viruses! Not so, Apple fanbois: Mac malware is growing faster than nasties going for Windows

So says Malwarebytes, anyway

Software nasties targeted at MacOS are on the increase faster than ones for Windows, according to antivirus biz Malwarebytes.

Malicious software targeting users of Apple Macs has leapt over the last year, the security outfit said in its latest State of Malware report.

Describing this as an "exponential" increase, the firm said that detections of nasties targeted against innocent Apple fanbois were up 400 per cent year-on-year, while adding the caveat that its Mac userbase had also grown a bit.

In its report the company said: "In 2019, we detected an average of 11 threats per Mac endpoint — nearly double the average of 5.8 threats per endpoint on Windows." This should be read in light of Malwarebytes having a relatively smaller number of Mac users than Windows users.

Malwarebytes' Thomas Reed, director of Mac and mobile, told The Register: "The increase in Mac endpoints with Malwarebytes installed only increased around 40 per cent (not 400 per cent) from 2018 to 2019. So, although this growth is definitely a factor, it is far too small to account for the growth in malware."

He added: "If you look at data on the detections per endpoint, which eliminates any bias caused by growth in the number of endpoints, you'll see that it's still significantly higher in 2019 than in 2018."

The two Mac threats highlighted in the report were NewTab, a fake browser extension that loads ads instead of doing anything useful, and potentially unwanted programs (PUPs) from shady Mac developer PCVARK. NewTab was picked up by its products around 30 million times last year, Malwarebytes said.

Aside from Mac malware, Malwarebytes said trojans-turned-botnets Emotet and Trickbot continued to "hammer" businesses across the globe, with Trickbot infections having increased by 50 per cent over 2018. The notorious Emotet banking malware steals information including login details for financial services. Trickbot works in a broadly similar fashion.

Meanwhile, detections of ransomware favourites Ryuk and Sodinokibi were up by several hundred percentage points year-on-year.

British, French and German users of Malwarebytes are most likely to find themselves infected with adware if something goes awry, while Brit businesses tend to find registry keys set by malware to prevent security software from running effectively, rounded up under the Malwarebytes term Hijack.SecurityRun.

The report can be downloaded from the Malwarebytes website as a 57-page, full-colour PDF. ®

More about


Send us news

Other stories you might like