Mac users have been getting their fair share of infections lately, as Apple’s built-in defenses just aren’t enough to ward off the latest waves of malware, experts claim. The reason for the sudden rise of Mac malware, you ask? An uncharacteristic complacency on Apple’s end.
A Historic Increase
Earlier this year, well-known cyber security experts—researchers Patrick Wardle (Synack) and Amit Serper (Cybereason)—predicted 2017 to be a banner year for Mac malware. Their forecast has, sadly, been spot on.
A report from Malwarebytes reveals that there has been more than a 220% increase in malware incidences so far. That’s in comparison with 2016’s figures within the same period. The scary part is that the number considers only the appearance of new malware and not the number of affected endpoints.
New strains of malware may infect several Mac systems, but the number of affected end users hasn’t been taken into account. Estimates suggest that the figure is in the thousands.
Common Mac Malware
Reports say that malware “is the least prevalent of all Mac threats.” We can’t heave a sigh of relief just yet, though. The more significant problem on Macs nowadays? Topping the list are adware and PUPs (Potentially Unwanted Programs).
While those two have only become a real issue for Macs in 2013, they’ve been multiplying at an alarming rate since. Nowadays, it’s common to see Mac computers plagued by browser hijackers and annoying adware. Both often come bundled with free software or shareware you install on your machine.
Annoying Adware and PUPs
Free programs and utilities downloaded from the Internet may offer you convenience, but many often carry some form of adware. Although these aren’t designed to harm your computer, any adware is a nuisance.
Getting redirected to promotional sites every time you do a Web search, seeing new (often unnecessary) toolbars on your browser, or encountering pop-up ads that can’t be closed easily—adware often has a knack for turning your online experience into a chore.
These aren’t the only annoying things adware does when permitted to roam freely in your Mac. In worst-case scenarios, these unwanted programs can drag your Mac’s speed or cause a spike in your data usage. We’re certain nobody would want these consequences.
Worst Threat So Far
Among the new malware attacking Macs in 2017, one particular strain has caught the public’s attention. Experts have singled out ProtonRAT Trojan this year because it has been particularly bothersome.
The MacOS Proton RAT could execute shell commands as root, steal passwords, take screenshots of the desktop, steal files, and even access the webcam. Even scarier is that it would run every time an infected user logs on to their MacBook/Mac.
Luckily, Apple has updated its OSX’s XProtect to detect and neutralize the Mac malware. They’ve shut down the compromised server where the threat came from, too. Despite recent updates, the Cupertino-based company couldn’t get rid the Mac’s growing adware dilemma.
“Malware with Lawyers”
Cybersecurity researchers point out that Apple is having difficulty detecting and getting rid of adware and PUPS. This may be why those two tend to stick around your Mac longer than most unwanted programs.
The primary reason behind it is that Apple could be a target for a lawsuit if it cracks down on these annoying pieces of software. For the most part, adware and PUPs are distributed by legitimate companies that tend to fight back if Apple does take a hard stance against their program. Consequently, Apple is embracing a more passive approach when it comes to PUPs.
Inadequate Mac Malware Protections
Beyond legally backed adware, security experts think that the built-in defenses on Macs may not suffice against threats. Many have expressed concern about how easy it is to acquire an Apple developer certificate, which is used to “sign” malware so it can pass through macOS’ Gatekeeper undetected.
The Gatekeeper deeming actual malware as “safe” isn’t the only thing compromising Mac users. Cyber security experts have also criticized XProtect, the basic antivirus software running on macOS. The fact it only checks new software against a limited database of known malware once has been a huge disappointment.
Improving Mac Malware Protection
It goes without saying that every macOS users should take extra steps to secure their computer and protect their privacy. Here are 4 tips to accomplish these goals:
Install Third-Party Antivirus
Reinforce Gatekeeper’s and XProtect’s capacity to neutralize the latest malware threats with a reliable third-party antivirus. On top of AV-TEST’s recent evaluations of leading security suites (all deemed compatible with Mac systems) are Kaspersky Lab and Symantec. Include the anti-malware software, Malwarebytes (which you can get for free), for good measure.
Keep the Firewall Up
Check if your Mac’s firewall is on. Go to System Preferences > Security > Privacy and then select the firewall tab to see if the security feature is running. The firewall protects your system from unwanted incoming connections from the Internet or other computers within the same network.
Utilize a Guest User Account
It’s a little less hassle using an admin account on your Mac, sure. This convenience, however, makes it easier for your files to get compromised the moment a hacker tricks you into downloading malicious software. For your daily use, we recommend creating and making use of a separate guest account. Limit the use of the administrator account only for adjusting specific configurations or doing installations.
Keep macOS Updated
More than the cosmetic changes and feature upgrades, OS updates bring in security patches. These are necessary to remedy vulnerabilities within macOS and ensure your computer stays ahead in the fight against Mac malware. Never hold off on an update when they come, especially when you wish to expand XProtect’s malware definition. Doing so essentially arms your Mac to better combat the latest threats.
More hackers and online crooks are finding Mac users as viable targets. Because they’ve been on the offensive, we have to be extra cautious with the stuff we do online. If that means getting an extra layer of protection and securing emails from malware on our MacBooks, so be it.