According to recent findings of security professionals, Mac malware operators continue to cash in on adware attacks that hinge on human error.
In early 2020, analysts at Malwarebytes reported a dramatic spike in the distribution of Mac threats. The security firm’s solutions had detected a fourfold year-over-year increase in malicious apps tailor-made to run on macOS machines. Back then, these unsetting statistics eclipsed the state of things in the Windows threat ecosystem, but there was an important nuance worth emphasizing. The vast majority of these menaces were adware. Despite reports like that, PCs continue to be much more susceptible to things like exploits and classic malware attacks, including ransomware raids.
Apple devices are relatively safe, but things are changing
According to Thomas Reed, director of Mac and Mobile at Malwarebytes, this was likely the name of the game throughout 2020, too. Exploits are still exotic phenomena in the Mac arena, and it’s a lot more common for a PC user to visit a website and catch a piece of malware without any red flags being raised. Furthermore, Apple maintains a more tightly supervised software environment in which an app can be seamlessly installed off of the official App Store, otherwise the setup process must be accompanied by a series of clear-cut permission requests even if the program comes from a verified developer.
However, more sophisticated attacks are gradually starting to make themselves felt in the Apple environment as well. The recent scandal involving a commercial zero-click exploit in iMessage demonstrated the trend, with the foul play allowing governments to spy on independent journalists. Such attacks are blurring the line between the complexity of Windows threats and their counterparts in the Apple territory.
Most Mac attacks happen because of user slip-ups
The domination of adware in the cesspool of Mac threats is fueled by a lack of vigilance on a user’s end. The authors of these digital culprits try to hoodwink targets into granting permissions, including administrator rights, which suffice to execute the dodgy code on systems. As a result, malware gets its privileges escalated so that it can hold sway over browsers and establishes persistence. Therefore, users need to think twice before downloading apps from dubious sources and read the fine print during the installation.