Mac malware 'spread like wildfire' last year -- report

But Windows still attracts more nasties in three average days than MacOS did in its worst year.

From "macOS malware development surged by over 1,000% in 2020" posted Wednesday by Atlas VPN:

The development of malicious software for Apple’s desktop operating system macOS spread like wildfire in 2020... According to the Atlas VPN investigation, the development of macOS malware surged by 1,092% in 2020. To be exact, 674,273 new malware samples were found in 2020, when there were only 56,556 samples detected in 2019...

Even though macOS malware development surged to record-highs, hackers still abuse Windows users much more often.

Data shows that a record-high of 91.05 million new Windows malware samples were discovered in 2020. In other words, cybercriminals developed an average of 249,452 threats per day.

Cue the charts:

mac malware wildfire

mac malware wildfire

My take: The two platforms are hard to compare in one chart because the scales -- despite MacOS' 2020 spike -- are still so different.

9 Comments

  1. Gregg Thurman said:
    Let’s take a look at respective market shares.

    MacOS has an approximate 8% share.
    Windows has an approximate 90% share.

    MacOS viruses ha an approximate seven tenths of 1% share.
    Windows has an approximate 99.3% share.

    In the past the argument against Mac security was “safety” in obscurity. While there may be some truth in that theory I don’t think it is a valid argument, and hasn’t been for some time, not with share numbers like that above.

    4
    March 17, 2021
  2. Fred Stein said:
    I love looking for anomalies. Comparing MacOS and Windows 2021 numbers, it appears that Apple found tools to mitigate the problem some time before 2021.

    Another consideration: We know iOS users update their OSes much more often than Android users. If the same holds for MacOS and Windows users, then Windows likely has a massive IB of insecure OSes.

    3
    March 17, 2021
    • John Konopka said:
      I’m not sure how to quantify this, but a lot of windows machines are sort of orphaned because they are in offices or attached to various machines. I update my personal Mac almost as soon as an update is available. If I’m in an office I leave that up to someone else. In my world I’m sure we have a substantial installed base using XP. There might even be a few Windows 2000 customers out there. Sometimes upgrading one of these machines mean you also have to get a newer version of software from the manufacturer. Sometimes that costs money, even worse you have to buy a newer version of the product which can be tens of thousands of dollars. Sometimes the manufacturer is gone or has discontinued the product meaning there is no upgrade product. The item still works but it is crippled by being stuck with an older OS.

      2
      March 17, 2021
  3. David Emery said:
    “because the scales — despite MacOS’ 2020 spike — are still so different.”
    I’m sure that’s deliberate.

    But “malware discovered” is not the same as “malware actually infecting machines in the wild.” How many of these potential infections would be defeated by normal security measures, e.g. “delete Adobe Flash”, “make sure you’re security settings prevent unsigned code,” etc.

    (Oh, the “security by obscurity” argument masked the “security by much better design” argument… The average Windows user, particularly the average executive including I suspect a lot of CIOs, still believe that “software is inherently buggy and vulnerable.” For that, I blame Bill Gates -personally-, Microsoft Windows under his management lowered expectations to abysmally poor levels.)

    3
    March 17, 2021
    • Gregg Thurman said:
      I’m not sure I would blame Gates. Windows was a bastard, bolt on upgrade to DOS. DOS was a crap OS, developed well before server farms. Viruses were spread by sneaker nets.

      If Gates were to blamed for anything it was leaving Ballmer in charge. Ballmer was absolutely terrified that if MSFT introduced a new (NON-COMPATIBLE), yet modern, OS corporate America might seek alternatives to Windows. The result is that to this day Windows is based on a creaky DOS.foundation, totally unsuited for mobile/wearables.

      But then MSFT couldn’t introduce a modern OS (read UNIX) because Apple beat them to the punch, and MSFT would have been looked upon as, accused of, copying Apple.

      3
      March 17, 2021
      • David Emery said:
        Gates is responsible for DOS and Windows 3/Win 95/98/NT. According to Wikipedia, he wrote a lot of the code the first 5 years. But more importantly, he set the culture of Microsoft, “grab the market with crappy software, and don’t worry about the consequences.” It’s not clear to me whether Gates or Ballmer came up with the strategy of “enable CIOs/IT departments at the expense of the user”, but that was a winning strategy. IT departments grew staffing by leaps and bounds, because of all the hands-on required to keep Windows running.

        2
        March 17, 2021
  4. Bill Haymaker said:
    Maybe this is over stating it but Microsoft hasn’t really ever written an OS. DOS was purchased and used to lure IBM. NT was written by a bunch of DEC guys that were VMS architects. “Microsoft hired a group of developers from Digital Equipment Corporation led by Dave Cutler to build Windows NT, and many elements of the design reflect earlier DEC experience with Cutler’s VMS,[21] VAXELN and RSX-11, but also an unreleased object-based operating system developed by Dave Cutler at Digital codenamed MICA.[22] The team was joined by selected members of the disbanded OS/2 team, including Moshe Dunie.[6]” The two attempts at a fresh modern OS were both failures and basically scrapped although bits of Vista made their way into the code base. Not so much for Cairo.

    2
    March 18, 2021
    • David Emery said:
      Having used both VMS and NT, I can say VMS was A MUCH BETTER product. In particular, VMS fine-grained privilege system was still better than anything I’ve seen on an OS today. I was surprised by how bad NT was, given Cutler’s credentials. (That’s true both for reliability/security and for overall design. It’s likely Cutler was seriously handicapped with backwards compatibility requirements with all of Windows’ previous terrible design decisions.)

      1
      March 18, 2021
    • David Emery said:
      Gates and even more Ballmer were totally consumed by the “technical debt” sunk by Windows backwards compatibility. Neither had the guts to do the massive “toss out the baby and bathwater” of Apple’s transitions, both the hardware transition from 68k to PowerPC and then PowerPC to Intel, or the software transition from OS 9 to OS X.

      One of the great “what-if” is BiiN (see the Wikipedia page). That was both VERY different hardware (capability machine versus Von Neumann) and software (an OS that provided system-level support for ‘object orientation’, system security and fault tolerance.) (Claimer: I worked on that project. Intel pulled out in part because they were making tons of $ on the WinTel x86 architecture, and Siemens had no clue how to market what they had.)

      0
      March 18, 2021

Leave a Reply