Apple’s Macbook Pro or iPhone devices are often perceived as safer, from a cybersecurity standpoint, compared to those from Microsoft or Google, mostly because of its “walled garden” approach.
However, another key reason why hackers aren’t as interested in Macs as they are in Windows or Linux devices is the smaller market share Apple holds. As things start to shift in the computing industry, we’ll be seeing more and more cyberattacks targeting Apple devices.
This is the general conclusion of a new report by cybersecurity researchers Bitdefender. In its “macOS threat landscape report”, the firm noted that Apple’s market share almost doubled in the last decade, citing figures from Statcounter that state Apple’s desktop operating system held 10% of the market share in 2013, but now holds almost 18%.
“Macs are far less targeted than Windows computers, as Microsoft still rules the land with 63% of the desktop market,” the report reads. “Threat actors are devoting time and resources to exploit the larger attack surface provided by Microsoft. But while Apple users enjoy less risk due to the platform’s smaller footprint, Macs aren’t bulletproof. Apple finds itself consistently having to patch actively exploited vulnerabilities as threat actors employ social engineering vectors and spray-and-pray techniques.”
Furthermore, while macOS might not be that interesting, iOS most certainly is. And given that the two share many components between one another (like the web rendering engine WebKit), attacks against Macs are becoming more efficient.
Bitdefender says Mac users are targeted by three key threats: Trojans, Adware, and Potentially Unwanted Applications (PUA). Of the three, Trojans are the biggest single threat, making up more than half of all threat detections. Of all those detections, around half (52.7%) were for EvilQuest.
Analysis: Why does it matter?
According to Bitdefender, the analysis matters because it might shatter Apple’s perceived image of being the “superior” ecosystem in terms of cybersecurity. More vulnerabilities discovered, and then exploited by threat actors, comes with the territory of being a significant player in the operating system landscape, and Apple’s had to act on numerous occasions lately to keep its customers safe.
Recently, Apple changed the way it pushes security updates, in order to be faster and more agile. It introduced a new feature called Rapid Security Response (RSR), which delivers important updates outside the regular patching schedule. Sometimes, these patches don’t even require the device to be restarted. It’s an important step in the right direction because, as Bitdefender says, many (if not most) users procrastinate updating software and deploying security fixes. “Statistics show that the vast majority of Mac owners use older generations of macOS,” the researchers concluded.
Roughly a month ago, it released an RSR update to address a zero-day vulnerability that was allegedly affecting fully-patched Apple devices, Macs included. At the time, Apple said it was aware of reports that the issue may have been actively exploited. The flaw being addressed was tracked as CVE-2023-37450, and was described as an arbitrary code execution bug in the WebKit browser engine. It allowed threat actors to run arbitrary code on target endpoints, by tricking victims into opening malicious websites.
An important caveat with all of the vulnerabilities being exploited on Macs is that there must always be user interaction. While that might sound as a good thing at first, it makes hackers put extra effort into making the malware look and feel legitimate. As a result, spotting malicious programs for Mac users could be a significantly harder undertaking.
What have others said about Apple’s security posture?
In its writeup, Australian outlet TechGuide says many Mac users have a “false sense of security”, allowing hackers to move in in greater numbers.
“Apple has a narrower threat level than Microsoft or Google and for this reason many users think they don’t need security software,” the publication states. “The report comes as more than 45% of Australians are now using at least one Apple operating system.”
On Twitter, there’s very little chatter about Bitdefender’s latest report, but earlier tweets show the cybersecurity researchers hitting the nail on the head when it comes to Apple users’ sentiment on cybersecurity. Discussing Bitdefender’s tool, one user says: “Now, I have no use of such tools – as our household only uses Apple products. We all know we don’t need stuff like that on iPhones, iPads, MacBooks,…! :)” Another user, who claimed to have been robbed of roughly $10,000 worth of cryptocurrency in an elaborate scam, asked “But how can a Trojan bypass the Apple security…?”
Not everyone is that comfortable not running any antivirus programs on their Macs, though. One user chimed in to say “I don’t trust Apple security that’s way I got Bitdefender Premium Security for Mac ON all the time.” Others said that while they use a different antivirus solution, they’d never let Apple be the sole caretaker of their endpoints.
Go deeper
To learn more about, make sure to read our article on the most exploited vulnerabilities in 2022. You should also check out our list of the best malware removal tools, as well as best firewalls. Also, don’t forget to read our in-depth guide on the best endpoint protection right now.
