Mac Ransomware: Fact or Fiction

Apr 22, 2021

There are different Mac security myths circulating among users. Therefore, how can you know if it’s fact or fiction? In this article, we’ll set the record straight when it comes to Mac ransomware and Mac cyber attacks.

Fiction: Macs Don’t Get Viruses 

The idea that there are no viruses for the Mac goes back to the beginning of Mac OS X at the start of this millennium. Unfortunately, this is a myth. As with most good myths, there can be an element of truth. 

Technically, a virus is a malware that spreads by itself and attaches itself to other files. By this definition, there are no Mac viruses. But by that token, there aren’t many Windows viruses these days. Even though viruses have mostly disappeared from the threat landscape, the average person associates a virus as any type of malicious software.

Because of this widespread perception, we can conclude that the myth of “there are no Mac viruses’” is not entirely true. There is ransomware for the Mac as well as many other types of cyber attacks. Do not allow yourself to be misled. 

Fact: There is Little Mac Ransomware 

It’s true that ransomware is malicious in nature. This also brought about malicious software with the objective of scamming or stealing data and money from the user. Examples of malware are backdoors that offer access to the computer or captures pictures with webcams and spyware that logs keystrokes. Ransomware encrypts the user’s files and demands payment to release them.

It’s true that ransomware is rare on Mac. A major spike of new Mac ransomware occurred in 2012, when 11 new pieces of malware appeared. The average Mac user has never seen any malware. 

Therefore, why should Mac users be concerned? Because other cyber threats are a growing issue on the Mac. Over the last few years, there has been an increase in the amount of adware and Potentially Unwanted Programs (PUPs) for the Mac.

Adware is software that injects ads into websites where they don’t belong and modify your search engine to a different one. Adware is designed to scam advertisers and search engines. The infected Macs will generate revenue fraudulently from search engines and advertisers, who pay these adware-producing affiliates for referrals. 

PUPs are programs that are normally unwanted by users. These may include so-called genuine keyloggers that are marketed for monitoring your employees or kids, supposed antivirus applications that don’t actually detect anything, scammy cleaning applications and much more.

PUPs and Adware are currently a serious problem for Mac users. Even though these things are not malware, they are a huge nuisance. They can create security vulnerabilities that make it more likely for you to get infected with actual ransomware.

Fiction: Macs are More Secure than Windows 

Some years ago, Apple abandoned the old classic Mac system in favor of Unix, a security-oriented system. Apple has made some great security improvements to macOS in recent years, and as a result, Macs are more secure today than ever before.

It’s understandable that nothing is perfect and macOS security is certainly far from it. There are several ways to avoid Mac security threats. The security of Windows has improved over the years and it becomes difficult to say which system is more secure.

As with other myths, there is an element of truth here. Macs definitely suffer a smaller number of threats than Windows. Many new Windows malware variations appear every day, while it is a busy month in the Mac world if more than one new piece of malware appears. This means that there may not be any major security differences between the two systems. Macs do tend to be safer due to the smaller number of threats.

Fact: MacOS has built-in Anti-Malware Software 

Although this feature is concealed from the user and can’t be turned off, Apple’s anti-malware software, XProtect, consists of some simple signatures for identifying known malicious applications.

When you try to open an app for the first time, the system will check it against the XProtect signatures. If the application matches one of those signatures, the system won’t allow it to open.

There are some issues with XProtect. First, as with any signature-based detection, it can only detect and block malware that Apple has seen before.

Second, it only detects malware. Since the majority of the cyber threats for Macs are PUPs and adware, that leaves a lot that it doesn’t protect against. You should not depend on XProtect as your sole protection against Mac cyber attacks. Nevertheless, this is a very good layer of protection to have as an essential part of the system.

Fiction: Macs Don’t Need Security Software

Over the years, antivirus software has gotten a bad rap on the Mac. Thanks to the low incidence of Mac ransomware, coupled with the system issues that some antivirus programs have been known to cause, Mac users are wary about installing security software. What makes matters worse is that Mac professionals tell people that they don’t need security software because MacOS contains all the protection they need.

The number of Mac users infected by ransomware and other Mac threats has skyrocketed since 2010 when PUPs and adware were not problematic and new malware detections were slim. Nowadays, we are seeing a huge number of people infected with Mac threats on a much larger scale than even just a few years ago.

Obviously, there is a widespread problem with threats on the Mac, and the built-in security in MacOS is not sufficient to deal with this issue. It’s becoming necessary for Mac users to have an extra layer of security to have something that’s effective against ransomware. 

If you’re a Mac user, you might consider using Vicarius software to remove adware, PUPs and ransomware on your Mac. Vicarius is a vulnerability management software that targets cybersecurity officers as well as IT managers and operators from the U.S. market.

 

Photo by Evan Dennis on Unsplash

Written by

Kent Weigle

Recent Posts

  • 1

    Vulnerability Remediation Guidelines

    Kent Weigle October 14, 2021
  • 2

    What is Vulnerability Remediation?

    Kent Weigle October 08, 2021
  • 3

    Average Time to Remediation Hits 205 Days

    Kent Weigle August 12, 2021
  • 4

    Vulnerability Management: What You Need To Know

    Kent Weigle July 12, 2021
  • 5

    Vicarius Records Signs Underground Sensation Lil CISO

    Kent Weigle July 28, 2021
last_chanse_04.png

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial
    CVE Invaders
    cta_cve_06_28px.gif