Mac malware outpaced Windows PCs threats for first time in 2019, report says

According to a report from Malwarebytes on Tuesday, the number of malware threats detected on Mac endpoints outpaced those targeting Windows PCs for the first time in 2019, with adware accounting for a bulk of all detected threats.

In its annual State of Malware Report (PDF link), antivirus software maker Malwarebytes tracked a more than 400% increase in detected Mac malware on a year-over-year basis.

Tallying up threat detections on a per endpoint basis, calculus applied to account for growth in the number of Macs running Malwarebytes software, the firm found 11 threats per Mac endpoint in 2019, up from 4.8 in 2018. By comparison, results show an average of 5.8 threats detected per Windows endpoint over the same period.

The report speculates Macs are quickly becoming a sweet target for cybercriminals due to increased marketshare, though recent industry estimates show Apple's slice of market shrank over the past two quarters.

Perhaps more likely is a notable increase in fringe software. Malwarebytes notes Apple's standard macOS security safeguards are more focused on thwarting serious malware than "borderline" adware and potentially unwanted programs (PUPs), allowing the latter two families to propagate at speed.

"Macs differ drastically from Windows in terms of the types of threats seen," the report reads. "Where we found several different categories and families in our top detections of Windows threats that classify as traditional malware , especially those aimed at businesses, most Mac threats, and certainly the most prevalent ones of 2019, are families of adware and potentially unwanted programs (PUPs)."

Indeed, the most prevalent Mac threat, NewTab, is a particularly insidious family of adware that was detected nearly 30 million times in 2019. PCVARK, a PUP that took third place on cross-platform detections, ranked second in the Mac category with almost as many detections as NewTab during the same period.

MacKeeper, an infamous system "cleaning" program that was previously No. 1 on Malwarebytes' list of top Mac detections, fell to the third spot, while fellow PUPs JDI and MacBooster took fourth and fifth, respectively.

The top "traditional malware," sometimes defined as a backdoor, cryptominer or spyware, was OSX.Generic.Suspicious, a group of files that exhibited similar malicious behavior. OSX.Generic.Suspicious and scam-enabling software FakeFileOpener both topped 300,000 detections in 2019.

Despite the growing number of malware detections, at least as discovered on Malwarebytes' platform, Mac is still a safe environment as long as users remain conscious of bad actors. As noted in the report, all but one malware incident in 2019 involved duping users into downloading and opening offending software. The lone vulnerability that impacted Mac, according to Malwarebytes, was a Firefox zeroday targeting cryptocurrency companies.