Mac Malware Detections Dropped 38% in 2020, Most Still Adware

Antivirus software developer Malwarebytes today shared its 2021 State of Malware Report, which found that malware threat detections on Macs fell a total of 38 percent in 2020.

In 2019 Malwarebytes detected a total of 120,855,305 threats, which dropped to 75,285,427 threats in 2020. Consumer threats were down 40 percent, but as businesses operated remotely and shifted to online work, threat detections for business users grew 31 percent.

mac malware 2020
There was a drop in detections of Adware and potentially unwanted programs (PUPs), but Malwarebytes says that malware, which includes backdoors, data stealers, and cryptocurrency stealers/miners, increased by more than 61 percent.

That number sounds high, but malware still only accounted for 1.5 percent of all threat detections on the Mac, with the rest still coming from Adware and PUPs.

Potentially unwanted software represented more than 76 percent of detection in 2020, while Adware represented approximately 22 percent. These are overall numbers, and the breakdowns varied somewhat by country, but most Malwarebytes users are in the United States. Business machines saw a bit more malware and adware, with less unwanted software.

Of malware found on Macs, the top 10 malware families accounted for more than 99 percent of the total, with more than 80 percent detected due to suspicious behaviors. OSX.FakeFileOpener, malicious apps designed to open files, accounted for the second highest number of detections.

top mac malware 2020
Malwarebytes says that the most unusual Malware detected on Macs in 2020 was ThiefQuest, which spread through installers found on torrent sites. When infected, Macs would start to have files encrypted, with the malware providing ransom instructions.

These instructions went nowhere, though, and didn't provide a legitimate contact for removing the encryption. Instead, the ransomware was a cover for something more malicious.

Upon further investigation, we learned that the ransomware activity was really a cover for massive data exfiltration, including MS Office and Apple iWork documents, PDF files, images, cryptocurrency wallets, and more. This kind of malware, known in the Windows world as a "wiper," had never before been seen on Macs.

Even more interesting, the malware would inject malicious code into executable files found in the Users folder, such as components of Google Software Update, in a virus- like manner, another rarity in the Mac world. The combination of these features made ThiefQuest not only the most unusual Mac malware in 2020, but perhaps the most unusual Mac malware ever.

Sophisticated adware techniques were also spotted on Macs in 2020, including phishing for admin passwords, using synthetic clicks to automate browser extension installations, modifying the sudoers file to maintain root permissions indefinitely, and manually editing the TCC database to give the adware more system access.

On Macs, Malwarebytes says that the "business model of choice for most criminals" remains Adware, with trojans, worms, spyware, and RiskWareTools being more common on Windows machines. Still, malware is an increasing Mac problem and it's something that Mac users should be aware of.

Malwarebytes' full report can be read on the Malwarebytes website.

Top Rated Comments

steve09090 Avatar
18 months ago
From the report.

Windows detections - 111,014,261 (down 12%)
Mac detections - 75,285,427 (down 38%)
Android detections show it getting much "nastier" and detections are increasing exponentially. (No overall numbers)
iOS detections - nothing reported Other than "it’s possible as some vulnerabilities exist"

That walled garden is looking quite lush...
Score: 16 Votes (Like | Disagree)
ArPe Avatar
18 months ago

what's the best solution to tackle malware or other harmful thinks on Mac? Any ideas? Any software I need to buy?
Stay away from torrent sites ?

Don’t install pirate apps ?

Stay away from illegal streaming sites ?

Stay away from crypto sites ?

Don’t click on shortened URLs sent or posted by anon accounts on social media ?

Don’t install more apps than you really need ?

Only use signed apps from well known developers ?
Score: 12 Votes (Like | Disagree)
ian87w Avatar
18 months ago
Sometimes I have to wonder people who have enough money to buy a Mac, but cheapen out on the software or content that they have to rely on pirate torrents.

I mean it’s understandable for a person who can barely afford $400 Windows laptop to take the piracy route. But I have a hard time feeling any sympathy for someone capable of affording $1k-$2k Mac yet being a cheapskate on software and content. With so many free apps available, and many apps being more affordable on mobile, piracy imo is more of personal choice nowadays.
Score: 10 Votes (Like | Disagree)
wanha Avatar
18 months ago

what's the best solution to tackle malware or other harmful thinks on Mac? Any ideas? Any software I need to buy?
An Apple engineer who was helping me with an unusual issue last year recommended Malwarebytes.

He said it is Apple support's go-to malware app in instances where one is needed (which, fortunately, is quite rare).
Score: 4 Votes (Like | Disagree)
LV426 Avatar
18 months ago

what's the best solution to tackle malware or other harmful thinks on Mac? Any ideas? Any software I need to buy?
The best solution is to install software from the App Store. If you do this, it is very unlikely you will have problems in the first place.

If you don't, be very careful indeed where you get your software. Don't go to torrent sites or such to get software. You're just asking for trouble if you do that. There are reputable software vendors who don't use the App Store, but you will need to take special measures on your machine to allow such programs to be installed. The default is to only allow App Store programs to be installed.

There are, of course, plenty of dodgy websites that will drop, or try to drop, installers onto your computer. A classic ruse is "Your Flash player is out of date. Click here to update". If you happen to get one of those installers, and try to run it, you'll get a system popup asking for your Mac login details before it allows the installation to proceed. You should, therefore, be very wary indeed if you ever see something like that, and cancel the installation.
Score: 4 Votes (Like | Disagree)
lkrupp Avatar
18 months ago

Often the person buying the computer is not the same person buying software. For example, children being issued Macs from school or given one by parents will sometimes have no way of obtaining some content or software so they resort to piracy. Additionally, some subscriptions are quite expensive. Adobe can charge hundred of dollars yearly, which is not a small amount even if you could afford Mac hardware.
Sounds to me like you are condoning piracy. If you can’t afford it it’s okay to steal it? Unfortunately that is the mentality that has been instilled in the culture over the years.
Score: 4 Votes (Like | Disagree)

Related Stories

apple watch abc action news

Apple Watch Saves Woman's Life With Feature She'd Never Heard Of

Wednesday March 23, 2022 1:59 am PDT by
An Apple Watch has been credited with saving a woman's life after it contacted emergency services when she fell, leading to a lung cancer diagnosis, ABC Action News reports. 71-year-old grandmother Raylene Hackenwerth, from Saint Petersburg, Florida, fell in early March, triggering her Apple Watch's Fall Detection feature. The Apple Watch's Fall Detection feature can tell when a wearer has...
OneDrive

OneDrive Mac Users Unhappy With Buggy Update That Removes Ability to Keep Local Copies of Synced Files

Tuesday February 1, 2022 4:45 am PST by
Changes to the way OneDrive syncs files and folders on Mac has caused upset among users of the cloud storage service, following Microsoft's rollout last month of a new "Files On-Demand Experience" for Macs running macOS 12.1 and later. In a change coming with macOS 12.3, currently still in beta, Apple is deprecating the kernel extensions originally used by OneDrive's syncing features, so the ...
applewatchseries4falldetection

Automated Apple Watch Feature Saves Unconscious Man's Life

Monday February 7, 2022 3:08 am PST by
The Apple Watch has yet again been credited with saving a man's life, after the device automatically called 911 when he fell off an electric bike, Fox 11 reports. The Apple Watch's Fall Detection feature. On January 22, Hermosa Beach Police Department officers in California responded to an incident after an Apple Watch initiated an emergency 911 call and advised that the "owner of this watch...
iphone 13 display pro max

iOS 16 Safety Feature Already Being Tested Using Millions of Devices

Friday December 17, 2021 3:13 am PST by
Apple is working on a "crash detection" feature using data from million of iPhones and Apple Watches that could launch in 2022, according to a recent report. Citing internal company documents and people said to be familiar with the matter, the Wall Street Journal reported last month that the new feature could use the iPhone and Apple Watch to automatically detect when a user is involved in a ...
OneDrive

Microsoft Responds to OneDrive Mac User Criticism Following Decision to Enforce Files On-Demand Feature [Updated]

Thursday February 3, 2022 7:50 am PST by
Earlier this week, MacRumors reported on a OneDrive for Mac update that has caused upset among users of the cloud storage service, partly due to alleged bugs it has introduced but mainly because the new version no longer allows users to opt out of its cloud-based Files On-Demand feature, which was previously an optional setting. In an update to its original blog post introducing this aspect...
mac mini intel gray

Mac Mini and Mac Pro are Apple's Last Two Remaining Intel Macs With Launch of Mac Studio

Tuesday March 8, 2022 11:31 am PST by
With the launch of the new Mac Studio that replaces the higher-end 27-inch Intel iMac, Apple has just two Intel Macs left in its lineup - the Mac Pro and the Mac mini. Though the Mac Studio appears to be something of a Mac mini and Mac Pro hybrid, Apple has not discontinued the high-end Intel Mac mini and it remains in the lineup. This suggests a new version of the high-end Mac mini is...
studio display and mac studio

Gurman: 'Mac Studio' Mac Mini/Mac Pro Hybrid and New Display With A-Series Chip Are 'Ready to Go'

Monday March 7, 2022 3:07 pm PST by
Apple could unveil a new "Mac Studio" machine and a new display that runs iOS at the March 8 event, according to a last minute confirmation from Bloomberg's Mark Gurman. In a tweet, Gurman says that the Mac Studio and a "new monitor running iOS are "ready to go" and will likely be debuting tomorrow. Earlier today, YouTuber Luke Miani shared renders of what he claims is the "Mac Studio,"...
iphoneseback

40% of iPhone Users Plan to Buy iPhone SE 3, Survey Indicates

Monday March 7, 2022 4:36 am PST by
40 percent of iPhone users intend to buy the third-generation iPhone SE, according to the findings of a survey by SellCell. Of the survey respondents that plan to buy the iPhone SE, 24 percent plan to use it as their main device, while 16 percent plan to give the device as a gift or use it as a secondary device. While most iPhone SE 3 buyers plan to use the device themselves, 10.9 percent...

Popular Stories

macbook air m2

Exclusive: Apple Plans to Launch MacBook Air With M2 Chip on July 15

Wednesday June 29, 2022 5:23 pm PDT by
The redesigned MacBook Air with the all-new M2 Apple silicon chip will be available for customers starting Friday, July 15, MacRumors has learned from a retail source. The new MacBook Air was announced and previewed during WWDC earlier this month, with Apple stating availability will begin in July. The MacBook Air features a redesigned body that is thinner and lighter than the previous...
original iphone 2007

15 Years Ago Today, the iPhone Went On Sale

Wednesday June 29, 2022 4:43 am PDT by
Fifteen years ago to this day, the iPhone, the revolutionary device presented to the world by the late Steve Jobs, officially went on sale. The first iPhone was announced by Steve Jobs on January 9, 2007, and went on sale on June 29, 2007. "An iPod, a phone, an internet mobile communicator... these are not three separate devices," Jobs famously said. "Today, Apple is going to reinvent the...
maxresdefault

Video Comparison: M2 MacBook Pro vs. M1 MacBook Pro

Tuesday June 28, 2022 2:45 pm PDT by
Apple last week launched an updated version of the 13-inch MacBook Pro, and it is the first Mac that is equipped with an updated M2 chip. As it's using a brand new chip, we thought we'd pick up the M2 MacBook Pro and compare it to the prior-generation M1 MacBook Pro to see just what's new. Subscribe to the MacRumors YouTube channel for more videos. For the video comparison, we're using the...
iPhone vs Galaxy Larger

Apple Executive Says Samsung Copied the iPhone and Simply 'Put a Bigger Screen Around It'

Tuesday June 28, 2022 8:59 am PDT by
The Wall Street Journal's Joanna Stern today shared a new documentary about the evolution of the iPhone ahead of the 15th anniversary of the device launching on June 29, 2007. The documentary includes an interview with Apple's marketing chief Greg Joswiak, iPhone co-creator Tony Fadell, and a family of iPhone users. One segment of the interview reflects on Android smartphones gaining larger...
iPhone 11 Pro vs iPhone 14 Pro

iPhone 11 Pro vs. 14 Pro: New Features to Expect if You've Waited to Upgrade

Monday June 27, 2022 11:22 am PDT by
With many customers choosing to upgrade their iPhone every two or three years nowadays, there are lots of iPhone 11 Pro users who might be interested in upgrading to the iPhone 14 Pro later this year. Those people are in for a treat, as three years of iPhone generations equals a long list of new features and changes to look forward to. Below, we've put together a list of new features and...
Mac Studio IO

Apple Begins Selling Refurbished Mac Studio Models

Thursday June 30, 2022 7:42 pm PDT by
Apple today began selling refurbished Mac Studio models for the first time in the United States, Canada, and select European countries, such as Belgium, Germany, Ireland, Spain, Switzerland, the Netherlands, and the United Kingdom. In the United States, two refurbished Mac Studio configurations are currently available, including one with the M1 Max chip (10-core CPU and 24-core GPU) for...
rootbug

Major macOS High Sierra Bug Allows Full Admin Access Without Password - How to Fix [Updated]

Tuesday November 28, 2017 12:33 pm PST by
There appears to be a serious bug in macOS High Sierra that enables the root superuser on a Mac with a blank password and no security check. The bug, discovered by developer Lemi Ergin, lets anyone log into an admin account using the username "root" with no password. This works when attempting to access an administrator's account on an unlocked Mac, and it also provides access at the login...