2017 McAfee Threat Report Shows Spike in Mac Malware

mac virus

Malware targeting Mac users has been on the rise over the past year, and the McAfee June 2017 Threat Report [PDF] indicates that the trend in Mac malware isn’t slowing down. There were nearly 250,000 new instances of macOS malware in the first quarter of 2017, bringing the total for the quarter to just over 700,000.

total mac malware mcafee 2017

Apple has a long history of touting the security advantages of Macs as compared to their Windows-based counterparts. Although Macs were never fully immune from viruses and malicious exploits, they generally weren’t susceptible to the types of viruses that devastated the PC ecosystem in the first decade of the 2000s. As new viruses and malware have grown more sophisticated in recent years, however, Apple has backed off from the “Macs don’t get viruses” marketing claim.

The good news is that traditional PC-like viruses are still relatively rare on the Mac, but the rise in adware, typically delivered via hijacked websites or user carelessness, is of growing concern for Mac and Windows users alike. In fact, McAfee attributes much of the rise in macOS malware specifically to a “glut of adware.”

mac virus
Original image via Shutterstock

These types of attacks are often executed via exploits in browser security, Web plugin vulnerabilities, or social engineering, which tricks users into downloading, running, and authorizing malware with admin privileges. Depending on the malware and its attack vector, the users of infected Macs encounter everything from browser takeovers, to pop-up ads, to unwanted toolbars and browser plugins, to even things like keyloggers and botnet hijacks in the worst cases.

But while concerning, the malware situation on the Mac is nothing compared to Windows-based PCs. Even though Macs represent about 4 percent of the overall computer market, they account for less than 1 percent of all identified malware. That’s right, McAfee measured almost 700 million instances of total malware, with the vast majority discovered on Windows, although mobile malware instances, almost all on Android, surpassed 16 million.

While zero-day exploits may be impossible to defend against, concerned Mac users can still take certain steps to protect themselves. These include always keeping your Mac’s operating system and Web browser of choice up-to-date, using Gatekeeper to protect yourself from uncertified apps, keeping an offline backup of your data, and never downloading or running applications (especially those that require admin rights) from unknown or sketchy sources. Oh, and if you have a PC, get a good antivirus.

2 thoughts on “2017 McAfee Threat Report Shows Spike in Mac Malware

  • First, you forgot the note on the page: ‘During the past three quarters, new Mac OS malware has been boosted by a glut of adware.’

    Scott, read the third and fourth paragraphs.

    And an attack on a browser that runs in macOS and can affect macOS users is, absolutely, “Mac malware,” even if it also affects other platforms. Many Mac owners don’t know or care if the issue they’re experiencing is a result of an exploit in their browser or in the operating system itself. It’s an issue that affects the Mac, and one that many longtime Mac owners, thanks to Apple’s former advertising, think they’re immune to.


    Did you actually read the report or did you pull the graphic out because it fits a narrative?

    First, you forgot the note on the page:

    During the past three quarters, new Mac OS malware has been boosted by a glut of adware.

    Adware is not a specific attack on the Mac. It’s an attack on the browser which means that the attack could happen on any machine on any browser. An attack on Firefox is cross platform for all systems running Firefox as is Chrome, etc. Since McAfee does not break down these numbers to understand if there is a difference, then we don’t know if someone is double counting.

    Remember, there’s lies, damed lies, and statistics. What these projectiles don’t provide is an assumption for their increase. It is almost as if McAfee doesn’t expect browser venders to patch their browsers, thus allowing the attack vectors to increas. Of course that would fit their narrative since they are looking to sell anti-malware software.

    They go through great pains to add code to known attacks to give their report the look of credibility. But when I go look up the CVE’s for these problems, they are all marked as fixed. This means that these attacks and attack vectors based on the risks discovered could not be exploited again without another issue being found. Sure, there can be another issue, but without some sort of trend analysis showing that assumption are based on past performance, then all they are doing is throwing stuff against the wall hoping it will stick.

    You and McAfee make the problems sound worse than they are. With out a real qualitative analysis of the data, you are trusting an anti-malware vendor to tell you the truth. If that’s what you think then can I sell you a bridge in Brooklyn? I can give you a great deal!

    Acknowledged InfoSec Curmugeon

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

WIN an iPhone 15 Pro Max!

Enter our epic giveaway for a chance to win the latest iPhone 15 Pro Max!