Malwarebytes released a report today on the malware threat faced by what it calls the “other” platforms: Android and macOS. In contrast with the known threats faced by Windows computers, Malwarebytes says Android and macOS are more vulnerable than many people think.
It’s a long-held belief that Macs aren’t vulnerable to malware, and unfortunately for the overconfident that’s anything but true. As Apple’s market share has increased malware that targets its products has skyrocketed, and the same has been true for Android devices.
It may not even be correct to call Android and macOS the “other” platforms anymore. Android controls nearly 90% of the mobile market, and Macs continue to be popular (though they’re still a sliver of the overall desktop OS market share).
The threats facing Android and macOS differ, but the bottom line is the same: They’re vulnerable and users need to be aware of how easy it is to become infected.
The threats facing Android
While Android malware reports only increased 5.5% from Q1 to Q2 2017, ransomware infections spiked by 137.8%, making it the biggest threat currently facing Android users.
The most common forms of ransomware detected by Malwarebytes were Jisut (a screen locker), SLocker (encrypts files and demands payment for key), and Koler (doesn’t encrypt, but pops up a fake warning screen demanding payment). Those three families accounted for 95% of Android ransomware infections in the first half of 2017.
Accounting for 47% of overall Android malware infections in the first six months of the year were potentially unwanted programs (PUPs). These include adware, clickers, and other apps that perform hidden functions in the background.
Malwarebytes predicts that the biggest threat facing Android users in the latter half of 2017 and into 2018 will be PUPs. They have massive potential to make their programmers money by falsifying ad clicks, stealing data, and forcing users to interact with popups.
The macOS threat landscape
macOS hasn’t been doing well on the malware front lately. Q2 2017, Malwarebytes says, was bigger for macOS malware than the entirety of 2016. Add to that the discovery of more new macOS malware families in 2017 than any year on record and you have a clear indicator of the vulnerability of Apple computers.
The threats facing macOS are different than Android or Windows, which is somewhat good news. Rather than ransomware and malware, which the report says is the smallest concern for macOS, PUPs and adware dominate.
SEE: 17 tips for protecting Windows computers and Macs from ransomware (free PDF) (TechRepublic)
Many popular macOS apps have been found to contain threats—even those on the App Store. Popular websites for downloading software, such as Softonic and Macupdate.com, have also been found to contain malicious installers.
In addition, there has been a rash of serious malware outbreaks on macOS in 2017, so even if malware is in the minority of macOS threats it still needs to be treated seriously.
Malwarebytes predicts that 2018 will see not only more macOS malware, but a huge leap in PUPs—just like Android.
“These are not very well policed and are free to proliferate unchecked,” the report said. “Mac users are already experiencing some of this now, with an explosion of fake anti-virus apps in the Mac App Store. These are not well controlled by Apple and not commonly known of even within the security community.”
Protecting yourself in the modern cybersecurity atmosphere
It’s dangerous out there for any platform, desktop or mobile. Everything is connected to the internet nowadays, and that opens it all up for malware, ransomware hijacking, and other forms of compromise.
Protecting Android and macOS devices doesn’t necessarily require different approaches: Both are infected by malicious websites and fake apps installed from legitimate sources, so both need to watch out for those avenues of exposure.
SEE: 7 ways to protect your Apple computers against ransomware (TechRepublic)
Make sure that your devices have an anti-malware app installed. Before installing one, however, be sure you’re not getting a fake that’s only going to harm your system (they’ve been found on both Google Play and the macOS App Store). Read reviews, do a Google search for the name of the app to make sure it’s safe, or get recommendations from friends.
Your anti-malware software should be able to protect you while you’re browsing the web as well—many come with web filters that block malicious sites, and if they don’t your browser can be configured to do so.
Lastly, just exercise caution while browsing the web and installing apps. If a website prompts you to download and install something, don’t do it, plain and simple. As an added security measure never download software from outside your primary app store. While that doesn’t guarantee you’re safe, it definitely decreases risks.
Top three takeaways for TechRepublic readers:
- A new report from Malwarebytes revealed that Android ransomware has skyrocketed, as have macOS malware varieties.
- Android’s primary threat comes from ransomware, which grew 137.8% from Q1 to Q2 2017. macOS is mainly being targeted by PUPs and adware, which Apple and its user base have largely ignored as a threat.
- Both Android and macOS are predicted to see a spike in PUPs and adware, both of which can be extremely lucrative for their distributors.