Malwarebytes Report: Mac Threats Up 400 Percent

The company’s ‘2020 State of Malware’ report shows Mac jumping ahead of Windows when it comes to average number of threats; consumer threat detections are down overall, but business threats are way up.

Ready to get scared? Today is the day that Malwarebytes, the now-venerable provider of anti-malware programs for all major operating systems at home or work, releases its 2020 State of Malware Report. It takes into account all the threats and attacks the company tracked in the year 2019 (specifically those made in real time and detected by its software and other sources).

The good news first: Detections of consumer threats were down 2 percent from 2018 (41.7 million to 40.9 million, which is still an egregious number). The bad news: Businesses got attacked 13 percent more (leaping from 8.5 million to 9.6 million). Combining both showed a 1 percent increase.

The chart above shows the major threats for consumers, with adware dominant. Trojan horse malware is on the decline, but only for consumers—Malwarebytes is clear that trojans will continue to be a problem in 2020. The trend is that “cybercriminals are losing interest in consumer targets.” The exception: The detection of hacktools used to hack into computers or networks is up 42 percent on the consumer side. Hacktools are not intrinsically bad, but they let bad actors get away with a lot of nastiness. The report calls the increase “concerning.”

The business side of things is all over the place. Adware spiked in the early part of 2019, then dropped. But it was the number-one threat category for the year, up 463 percent from 2018. Hacktools detected in business also were way up—224 percent. Ransomware, always a high-profile threat, was technically down 6 percent.

Perhaps most interesting to the PCMag audience is that the Windows PC platform, which many think of as the most under threat, may have become the safer platform to use. MacOS detections per endpoint went up from 4.8 in 2018 to 11.0 last year. That’s double the attacks that were detected on Windows in 2019 (5.8). Malwarebytes attributes this to more Macs being sold, making the platform far more attractive to cybercriminals. At least one family of adware, named NewTab, had 30 million detections on Macs by Malwarebytes—and it hadn’t shown up on the company’s radar until late 2018.

The report notes that while there are threats to iOS, there is no way to scan for them. A lot of it is “nation-state malware,” meaning other countries spreading phone infections. And on Android? It says, “mere stats cannot fully explain the threat landscape for Android users in 2019.” These treats included pre-installed malware (the manufacturer actually shipped the device with malware installed), trojans, and stalkerware. The last is a category that is, thankfully, not growing, as security vendors formed a coalition to crack down on apps that let people spy or stalk someone via their phone.

The report goes in depth on the various families of malware that Malwarebytes can ID, such as Trojan-turned-botnets Emotet and TrickBot, plus the areas of the world most under threat (North America wins at 48 percent of detected traditional malware). You can and should read it all, at Malwarebytes.com.