Apple’s Macbook Pro or iPhone devices are often seen as more secure, from a cybersecurity perspective, compared to those from Microsoft or Google, mainly because of the “walled garden” approach.
Another major reason why hackers aren’t as interested in Macs as they are in Windows or Linux devices is Apple’s smaller market share. As things start to change in the computer industry, we will see more and more cyberattacks targeting Apple devices.
That’s the general conclusion of a new report by cybersecurity researchers Bitdefender. In its “macOS Threat Landscape Report,” the company noted that Apple’s market share has nearly doubled over the past decade, citing figures from Statcounter that say Apple’s desktop operating system held 10% of the market share in 2013, but now almost 18%.
“Macs are much less targeted than Windows computers, as Microsoft still rules the country with 63% of the desktop market,” the report said. “Threats are spending time and resources exploiting the larger attack surface that Microsoft provides. But while Apple users are less at risk due to the platform’s smaller footprint, Macs aren’t bulletproof. Apple finds themselves constantly having to patch actively exploited vulnerabilities as threat actors use social engineering vectors and spray-and-pray techniques.
Moreover, while macOS may not be that interesting, iOS certainly is. And since the two share many components (such as the web rendering engine WebKit), attacks against Macs are becoming increasingly efficient.
Bitdefender says Mac users are targeted by three main threats: Trojans, adware, and potentially unwanted applications (PUA). Of the three, Trojans are the largest single threat, accounting for more than half of all threat detections. Of all those detections, about half (52.7%) were for EvilQuest.
Analysis: why is it important?
Bitdefender says the analysis is important because it could destroy Apple’s perceived image of the “superior” cybersecurity ecosystem. More vulnerabilities discovered and then exploited by threat actors comes with the territory of a major player in the operating system landscape, and Apple has had to act on numerous occasions recently to keep its customers safe.
Recently, Apple changed the way it pushes security updates to be faster and more flexible. It introduced a new feature called Rapid Security Response (RSR), which delivers major updates outside of the regular patch schedule. Sometimes these patches don’t even require a reboot of the device. It’s an important step in the right direction because, as Bitdefender says, many (if not most) users put off updating software and implementing security fixes. Statistics show that the vast majority of Mac owners use older generations of macOS.
About a month ago, it released an RSR update to address a zero-day vulnerability that reportedly affected fully patched Apple devices, including Macs. Apple then said it was aware of reports that the issue may have been actively exploited. The bug that was fixed was traced as CVE-2023-37450 and was described as an arbitrary code execution bug in the WebKit browser engine. It enabled threat actors to execute arbitrary code on target endpoints by tricking victims into opening malicious websites.
An important caveat with all vulnerabilities exploited on Macs is that there must always be user interaction. While that may seem like a good thing at first, it makes hackers go the extra mile to make the malware look and feel legitimate. As a result, detecting malicious programs can be a significantly more difficult undertaking for Mac users.
What have others said about Apple’s security stance?
In its description, Australian outlet technical guide says many Mac users have a “false sense of security” that allows hackers to invade in greater numbers.
“Apple has a lower threat level than Microsoft or Google, so many users think they don’t need security software,” the publication states. “The report comes as more than 45% of Australians now use at least one Apple operating system.”
There’s little chatter on Twitter about Bitdefender’s latest report, but previous tweets show that the cybersecurity researchers hit the nail on the head when it comes to Apple users’ sentiment about cybersecurity. Discussing Bitdefender’s tool, one user say: “Now I don’t use such tools – since our household only uses Apple products. We all know we don’t need that kind of thing on iPhones, iPads, MacBooks,…! :)” Another user, who claimed to have been robbed of around $10,000 worth of cryptocurrency in an elaborate scam, early “But how can a Trojan horse bypass Apple’s security…?”
However, not everyone is so comfortable with no antivirus programs running on their Mac. One user agreed participation “I don’t trust Apple’s security, that’s why I always have Bitdefender Premium Security for Mac ON.” Others said that even though they use a different antivirus solution, they would never let Apple be the sole administrator of their endpoints.
Go deeper
For more information, read our article about the most exploited vulnerabilities in 2022. Also check out our list of the best malware removal tools, as well best firewalls. Don’t forget our comprehensive guide on the best endpoint protection straight away.