WOOF! Newsletter

April 29, 2016

The Malware War: The State of Malware on Mac

We interviewed Thomas Reed, Malwarebytes' Director of Mac Offerings, about the state of malware on Mac & mobile. He said that for a while Mac users only had to deal with adware. But now, the Mac malware's growing.


Well, it’s happened.  Until now, Mac users didn’t have to deal with ransomware targeting their computers “professionally.” Now they do.

The first ransomware-as-a-service aimed at Macs has arrived: MacRansom.  While Malwarebytes’ Thomas Reed describes it as unsophisticated, it marks the first time Ransomware-as-a-Service has targeted the Mac platform instead of the PC. 

The creator distributes the ransomware on the dark web for free, in exchange for a percentage of future ransoms.  Protection is on its way; Malwarebytes is already working on a real-time, anti-ransomware product for Macs.  In the meantime, be smart and don’t click links from email senders you don’t recognize.   

What Malwarebytes’ Thomas Reed Wants You to Know about Malware on the Mac and Mobile Devices

For years, we’ve heard, “Macs don’t get viruses or malware.”

While it’s true that PCs are more susceptible to malware, the Mac is no longer immune.

With ransomware now appearing on the Mac platform, businesses must be aware how at-risk their Macs have become.

Asked about the state of malware on Macs, Thomas Reed, Director of Mac Offerings at Malwarebytes, says:

“It’s only a matter of time before we see more malware for Macs.”

The History of Malware on the Mac

We asked Thomas why Malwarebytes decided to create a Mac version of their Anti-Malware product.

“If I count right, there have been 4 malware families that appeared in 2015 for Mac.”

Then, the first instance of Mac ransomware came about in 2016 with the appearance of KeRanger.

As a result of this increase in ransomware and adware, Malwarebytes created malware protection available for Mac.

How Mac Users Can Stop Malware

Here is a list of available protections for Mac users:

  • Anti-Malware for Mac – Removes malware and adware. Usable at home or in the office. Free.
  • Anti-Malware for Business – Network-level protection for computers and servers with a management console to manage policies & endpoints. No Mac client yet, but this does provide network-level protection.
  • A Mac version of Malwarebytes Breach Remediation is in beta. According to Thomas, this is a command-line tool “aimed at detecting and remediating [malware] on demand.”
  • Remember to keep regular backups and educate your users on identifying signs of malware (see last month’s WOOF! for more details).

What about Mobile?

Are mobile devices like the iPhone at risk for malware infection? Thomas said yes, they are, but only some of them.

“I talked to some folks at RSA who kept finding malware on their Android phones.”

Apparently the Android platform is quite vulnerable to malware. Phones and tablets alike. Fortunately, Malwarebytes for Android does exist.

What about an Anti-Malware app for iOS? “Apple doesn’t allow any anti-malware software in the App Store,” said Thomas. “If folks get infected with iOS malware, they pretty much have no option but to wipe the phone and set it up again from scratch.”

All the more reason to keep backups!

The Future of Malware Protection on Mac & Mobile: Danger Level Rising

When asked which platform – Mac, Android or iOS – will see more malware infections in the future, Thomas chose the Mac. “The new ransomware on Mac just hit; I’ve said for a while it was only a matter of time. It’s only a matter of time before we see more [malware] appearing. That’s one [area] where we have to be concerned.”

The danger to Macs is rising. But, as with the PC side, Malwarebytes continues its work. Fighting the Malware War on the Mac front as well as the PC.

What do we have to look forward to? Currently, the company’s focus is on 2 sides:

  1. Remediation – Consumer and premium/corporate products removing malware infections. “We want to make sure we’re removing all traces of malware, adware, etc. from our clients’ systems. We want to avoid clients having to image [reformat] their own systems just because they got some malware.”
  2. Active Protection – Blocking malware before it does any damage. Available for premium Windows customers now, as well as in enterprise solutions. “[This is] where we’ll go with the Mac product in the future.”

“Right now there are lots of Macs with almost no tools for keeping malware off. I’d like to change that.”

So would we! If your office does use Macs, we recommend installing Malwarebytes Anti-Malware for Mac as soon as possible. Also, take a moment to check that your backups are running properly. We’ll notify you right here in WOOF! when the Mac Breach Remediation tool comes out of beta.

For help educating your users on recognizing and avoiding malware, visit the Malwarebytes Labs page. Malwarebytes posts announcements of new malware, security news, and other helpful information. All free to everyone.

Are your Macs protected against malware? Please give us your feedback at woof@planetmagpie.com.