Mac Malware Detections Dropped 38% in 2020, Most Still Adware

Antivirus software developer Malwarebytes today shared its 2021 State of Malware Report, which found that malware threat detections on Macs fell a total of 38 percent in 2020.

In 2019 Malwarebytes detected a total of 120,855,305 threats, which dropped to 75,285,427 threats in 2020. Consumer threats were down 40 percent, but as businesses operated remotely and shifted to online work, threat detections for business users grew 31 percent.

mac malware 2020
There was a drop in detections of Adware and potentially unwanted programs (PUPs), but Malwarebytes says that malware, which includes backdoors, data stealers, and cryptocurrency stealers/miners, increased by more than 61 percent.

That number sounds high, but malware still only accounted for 1.5 percent of all threat detections on the Mac, with the rest still coming from Adware and PUPs.

Potentially unwanted software represented more than 76 percent of detection in 2020, while Adware represented approximately 22 percent. These are overall numbers, and the breakdowns varied somewhat by country, but most Malwarebytes users are in the United States. Business machines saw a bit more malware and adware, with less unwanted software.

Of malware found on Macs, the top 10 malware families accounted for more than 99 percent of the total, with more than 80 percent detected due to suspicious behaviors. OSX.FakeFileOpener, malicious apps designed to open files, accounted for the second highest number of detections.

top mac malware 2020
Malwarebytes says that the most unusual Malware detected on Macs in 2020 was ThiefQuest, which spread through installers found on torrent sites. When infected, Macs would start to have files encrypted, with the malware providing ransom instructions.

These instructions went nowhere, though, and didn't provide a legitimate contact for removing the encryption. Instead, the ransomware was a cover for something more malicious.

Upon further investigation, we learned that the ransomware activity was really a cover for massive data exfiltration, including MS Office and Apple iWork documents, PDF files, images, cryptocurrency wallets, and more. This kind of malware, known in the Windows world as a "wiper," had never before been seen on Macs.

Even more interesting, the malware would inject malicious code into executable files found in the Users folder, such as components of Google Software Update, in a virus- like manner, another rarity in the Mac world. The combination of these features made ThiefQuest not only the most unusual Mac malware in 2020, but perhaps the most unusual Mac malware ever.

Sophisticated adware techniques were also spotted on Macs in 2020, including phishing for admin passwords, using synthetic clicks to automate browser extension installations, modifying the sudoers file to maintain root permissions indefinitely, and manually editing the TCC database to give the adware more system access.

On Macs, Malwarebytes says that the "business model of choice for most criminals" remains Adware, with trojans, worms, spyware, and RiskWareTools being more common on Windows machines. Still, malware is an increasing Mac problem and it's something that Mac users should be aware of.

Malwarebytes' full report can be read on the Malwarebytes website.

Popular Stories

iPhone 17 Pro Lower Logo Feature 1

iPhone 17 Pro Coming Soon With These 14 New Features

Monday June 30, 2025 1:08 pm PDT by
Apple's next-generation iPhone 17 Pro and iPhone 17 Pro Max are less than three months away, and there are plenty of rumors about the devices. Apple is expected to launch the iPhone 17, iPhone 17 Air, iPhone 17 Pro, and iPhone 17 Pro Max in September this year. Below, we recap key changes rumored for the iPhone 17 Pro models:Aluminum frame: iPhone 17 Pro models are rumored to have an...
A18 Pro Chip

New MacBook With A18 Pro Chip Spotted in Apple Code

Monday June 30, 2025 8:05 am PDT by
Apple is developing a MacBook with the A18 Pro chip, according to findings in backend code uncovered by MacRumors. Earlier today, Apple analyst Ming-Chi Kuo reported that Apple is planning to launch a low-cost MacBook powered by an iPhone chip. The machine is expected to feature a 13-inch display, the A18 Pro chip, and color options that include silver, blue, pink, and yellow. MacRumors...
iPhone 17 Pro Lower Logo Magsafe

iPhone 17 Pro's New MagSafe Design Revealed in Leaked Photo

Wednesday July 2, 2025 8:37 am PDT by
The upcoming iPhone 17 Pro and iPhone 17 Pro Max are rumored to have a slightly different MagSafe magnet layout compared to existing iPhone models, and a leaked photo has offered a closer look at the supposed new design. The leaker Majin Bu today shared a photo of alleged MagSafe magnet arrays for third-party iPhone 17 Pro cases. On existing iPhone models with MagSafe, the magnets form a...
macbook air spacegray purple

Apple Planning to Launch Low-Cost MacBook Powered By iPhone Chip

Monday June 30, 2025 3:20 am PDT by
Apple is planning to launch a low-cost MacBook powered by an iPhone chip, according to Apple analyst Ming-Chi Kuo. In an article published on X, Kuo explained that the device will feature a 13-inch display and the A18 Pro chip, making it the first Mac powered by an iPhone chip. The A18 Pro chip debuted in the iPhone 16 Pro last year. To date, all Apple silicon Macs have contained M-series...
Apple Watch Ultra Night Mode Screen

Apple Watch Ultra 3 Launching Later This Year With Two Key Upgrades

Wednesday July 2, 2025 1:13 pm PDT by
The long wait for an Apple Watch Ultra 3 appears to be nearly over, and it is rumored to feature both satellite connectivity and 5G support. Apple Watch Ultra's existing Night Mode In his latest Power On newsletter, Bloomberg's Mark Gurman said that the Apple Watch Ultra 3 is on track to launch this year with "significant" new features, including satellite connectivity, which would let you...
iOS 18

Apple Releases Second iOS 18.6 Public Beta

Tuesday July 1, 2025 10:19 am PDT by
Apple today seeded the second betas of upcoming iOS 18.6 and iPadOS 18.6 updates to public beta testers, with the betas coming just a day after Apple provided the betas to developers. Apple has also released a second beta of macOS Sequoia 15.6. Testers who have signed up for beta updates through Apple's beta site can download iOS 18.6 and iPadOS 18.6 from the Settings app on a compatible...
Wi Fi WiFi General Feature

iOS 26 Adds a Useful New Wi-Fi Feature to Your iPhone

Wednesday July 2, 2025 6:36 am PDT by
iOS 26 and iPadOS 26 add a smaller yet useful Wi-Fi feature to iPhones and iPads. As spotted by Creative Strategies analyst Max Weinbach, sign-in details for captive Wi-Fi networks are now synced across iPhones and iPads running iOS 26 and iPadOS 26. For example, while Weinbach was staying at a Hilton hotel, his iPhone prompted him to fill in Wi-Fi details from his iPad that was already...
maxresdefault

Five Features Coming to AirPods Pro 3

Friday June 27, 2025 10:52 am PDT by
Apple hasn't updated the AirPods Pro since 2022, and the earbuds are due for a refresh. We're counting on a new model this year, and we've seen several hints of new AirPods tucked away in Apple's code. Rumors suggest that Apple has some exciting new features planned that will make it worthwhile to upgrade to the latest model. Subscribe to the MacRumors YouTube channel for more videos. Heal...
replay all time playlist apple music

Apple Music Debuts All-New Personalized Playlist

Monday June 30, 2025 7:16 am PDT by
As part of its 10-year celebrations of Apple Music, Apple today released an all-new personalized playlist that collates your entire listening history. The playlist, called "Replay All Time," expands on Apple Music's existing Replay features. Previously, users could only see their top songs for each individual calendar year that they've been subscribed to Apple Music, but now, Replay All...

Top Rated Comments

steve09090 Avatar
57 months ago
From the report.

Windows detections - 111,014,261 (down 12%)
Mac detections - 75,285,427 (down 38%)
Android detections show it getting much "nastier" and detections are increasing exponentially. (No overall numbers)
iOS detections - nothing reported Other than "it’s possible as some vulnerabilities exist"

That walled garden is looking quite lush...
Score: 16 Votes (Like | Disagree)
ArPe Avatar
57 months ago

what's the best solution to tackle malware or other harmful thinks on Mac? Any ideas? Any software I need to buy?
Stay away from torrent sites ?

Don’t install pirate apps ?

Stay away from illegal streaming sites ?

Stay away from crypto sites ?

Don’t click on shortened URLs sent or posted by anon accounts on social media ?

Don’t install more apps than you really need ?

Only use signed apps from well known developers ?
Score: 12 Votes (Like | Disagree)
ian87w Avatar
57 months ago
Sometimes I have to wonder people who have enough money to buy a Mac, but cheapen out on the software or content that they have to rely on pirate torrents.

I mean it’s understandable for a person who can barely afford $400 Windows laptop to take the piracy route. But I have a hard time feeling any sympathy for someone capable of affording $1k-$2k Mac yet being a cheapskate on software and content. With so many free apps available, and many apps being more affordable on mobile, piracy imo is more of personal choice nowadays.
Score: 10 Votes (Like | Disagree)
wanha Avatar
57 months ago

what's the best solution to tackle malware or other harmful thinks on Mac? Any ideas? Any software I need to buy?
An Apple engineer who was helping me with an unusual issue last year recommended Malwarebytes.

He said it is Apple support's go-to malware app in instances where one is needed (which, fortunately, is quite rare).
Score: 4 Votes (Like | Disagree)
LV426 Avatar
57 months ago

what's the best solution to tackle malware or other harmful thinks on Mac? Any ideas? Any software I need to buy?
The best solution is to install software from the App Store. If you do this, it is very unlikely you will have problems in the first place.

If you don't, be very careful indeed where you get your software. Don't go to torrent sites or such to get software. You're just asking for trouble if you do that. There are reputable software vendors who don't use the App Store, but you will need to take special measures on your machine to allow such programs to be installed. The default is to only allow App Store programs to be installed.

There are, of course, plenty of dodgy websites that will drop, or try to drop, installers onto your computer. A classic ruse is "Your Flash player is out of date. Click here to update". If you happen to get one of those installers, and try to run it, you'll get a system popup asking for your Mac login details before it allows the installation to proceed. You should, therefore, be very wary indeed if you ever see something like that, and cancel the installation.
Score: 4 Votes (Like | Disagree)
lkrupp Avatar
57 months ago

Often the person buying the computer is not the same person buying software. For example, children being issued Macs from school or given one by parents will sometimes have no way of obtaining some content or software so they resort to piracy. Additionally, some subscriptions are quite expensive. Adobe can charge hundred of dollars yearly, which is not a small amount even if you could afford Mac hardware.
Sounds to me like you are condoning piracy. If you can’t afford it it’s okay to steal it? Unfortunately that is the mentality that has been instilled in the culture over the years.
Score: 4 Votes (Like | Disagree)