A recent Malwarebytes report says that more Mac malware was observed in 2017 than in any previous year, and that Apple’s current protection strategies might not be enough to protect its users from potential threats.
Thomas Reed, the director of Mac offerings at Malwarebytes, says that it is trivial to compromise Apple devices nowadays: “The only difference is that for historic reasons, there's so much more malware on Windows. That may not always be the case,” says T. Reed.
Reed also adds that XProtect, the Mac’s built-in security system, is not strong enough to block and remove serious malware, and that it is not difficult for viruses to get past macOS Gatekeeper.
The most common types of unwanted software that annoy Mac users are legitimate adware and browser hijackers. However, Apple cannot do anything about them. According to T. Reed, a third-party security system could be the only way for Mac users to get rid of this annoying-but-legal software.
The report by Malwarebytes says: “Our tracking of Mac malware has seen a more than 220 percent increase in malware so far in 2017 over 2016.” It also adds: “This 220 percent figure is only considering the appearance of new malware, not the number of affected endpoints. In some cases, malware has been known to infect thousands of endpoints, in others only a handful, and for others it is not known how many endpoints were infected.”
However, Mac malware is the least common issue for Apple. Adware and other potentially unwanted programs, known as PUPs, became a real problem for Apple back in 2013 and have kept increasing since then.
According to T. Reed, malware engineers and developers have found the Mac to be a good target, but Mac users, compared to Windows users, are not targeted with a large volume of truly malicious software, such as keyloggers or spyware.
“What we're seeing more of is adware and PUPs. They tend to stick around longer — if you create a PUP, it's hard for Apple to say, 'That's a bad app, you shouldn't use it,'” T. Reed says. The adware and PUPs in question are made and distributed legally by legitimate organizations, so Apple is unable to fight against them.
“I like to think of PUPs as malware with lawyers,” he adds. “Apple is very quick to draw the line on malware and kill it at the OS level. But when it comes to PUPs, the line is more fuzzy, more gray. … Apple could take a really hard stance, but these PUP companies tend to fight back. And Apple is a big juicy tempting target for a lawsuit.”
When it comes to truly malicious Mac malware, it seems that it will not affect Apple users for some time yet. However, all the signs suggest that Mac malware is also improving.
For example, many Mac experts could not fight the ProtonRAT malware. In addition, T. Reed says that the antivirus system Apple builds into Macs is not enough to resist such threats.
One of the issues T. Reed points out is that basically anyone who has an email address and a spare $99 for an Apple Developer Certificate can release malware that macOS Gatekeeper will accept as secure.
In addition, XProtect, the antivirus software for Macs, is very basic and is only able to scan new apps against a narrow database of known malicious identifiers.
“The biggest problem is that XProtect only activates once — and only if something is quarantined, such as being flagged by Gatekeeper,” T. Reed explained. He also adds that XProtect does not check apps again after updates.