Mac, Android devices increasingly at risk for malware

Windows devices are no longer the sole victims of damaging malware attacks. Strategic attacks on both Mac and Android devices are rapidly on the rise, according to new data from Malwarebytes, which makes anti-malware software. 

In fact, detections of Android ransomware went up by more than 100% in the second quarter. In addition, Mac malware in 2017 is already at the highest it has ever been in any other year in history, and the year is still far from over, according to Malwarebytes. 

Both platforms are extremely vulnerable to malicious applications, with many still making it past app store review processes, and both are continually plagued by PUPs. However, the tactics that attackers use to infiltrate each platform with malware greatly differ. Understanding these intricacies is crucial, as hackers continue to find new attack vectors, notes Malwarebytes. 

Malware attacks on Android devices have been growing at a rapid pace in recent months. In fact, according to data collected from installs of Malwarebytes on Android devices, detections of Android malware increased 5.5% from the first quarter (Q1) to the second quarter (Q2) of 2017 alone.
Most notably, the rate of “screen locker” ransomware on Android devices is reaching new heights. According to the same data set, Android ransomware increased 137.8% from Q1 to Q2 2017 globally. 

In 2018 there will be an increase in “Hidden Advertising” and “Clicker” type malware, according to Malwarebytes. Ransomware will still be big in 2018 as well, with an increasing amount of encryption functionality in attacks.

Malware big.jpeg

The graph above tracks malware only, which is the least prevalent of all Mac threats. Adware and PUPs [potentially unwanted programs] are a much more significant problem, that only began to be a real issue in 2013 and have been multiplying at an increasing rate since, according to Malwarebytes.

The new Proton Remote Access Trojan (RAT) has plagued Mac users in recent months. This variant of Proton was focused on exfiltration password data from a variety of sources, including the mac-OS keychain, 1Password vaults, and browser auto-fill data. The most frightening aspect of this event was how many experienced, security-minded people were either infected or nearly infected, says Malwarebytes.

Threats that are typically considered more “sophisticated” and dangerous, such as ransomware, are still rare among Mac devices. But the threats that do frequent Mac users today aren’t taken seriously enough in the security community, according to Malwarebytes. Adware and PUPs are becoming a major problem for Mac users, but are often not treated with the seriousness they deserve, the company adds.

While Mac’s are typically considered “safer” than both Windows and Android devices, there are several difficulties with avoiding and protecting against adware and PUPs on Macs. And, despite safety settings and vetting processes, the Mac App Store isn’t immune to these threats, according to Malwarebytes. 

What’s more, sites that are frequented by Mac users, including download.com, softonic, and macupdate.com, have been known to distribute malicious installers. Fake Flash installers and virus pop-ups on mac devices can be very convincing, tricking even the most sophisticated internet users 

In 2018, Malwarebytes predicts that Mac malware will increase but PUPs will see the largest growth. These are not very well policed and are free to proliferate unchecked. Mac users are already experiencing some of this now, with an explosion of fake anti-virus apps in the Mac App Store. These are not well controlled by Apple and not commonly known of even within the security community, according to Malwarebytes.