The latest McAfee Threat Report shows that macOS malware grew by 744% in 2016, with around 460,000 instances detected. Behind the headline number, though, are a couple of reassuring facts.
First, while Mac malware is on the increase, it is almost a rounding error when viewed alongside Windows malware. All malware detected last year combined totalled more than 600M instances. Of this, around 15M examples were mobile malware – almost all of it Android …
Second, the large increase in macOS malware was mostly due to adware bundling – software that results in Mac users being exposed to ads rather than risks to their machines.
More worrying examples of Mac malware do exist, however, such as the January attack which hijacked Safari and the Apple Mail app to cause infected machines to crash, the Fruitfly malware used to attack Macs in biomedical research institutions and a Word macro targeted specifically at Macs.
As always, the best way to protect your Mac from malware is to only ever install software from the Mac App Store and trusted developers.
One worrying trend is a significant growth in Internet of Things devices infected with malware, enabling them to be used as part of botnets for things like denial of service attacks on websites.
The company said it was a large-scale attack using around 2.5M IoT devices that hit domain name services provider Dyn, making large parts of the web unreachable for a time.
IoT devices are being hijacked and used to carry out serious crimes in cyberspace. Attackers, after gaining control of IoT devices, can use them to attack business, consumers, or Internet infrastructure. The Mirai botnet is just the beginning.
The finding underlines the need for care when choosing smart home devices, no-brand Chinese devices a particular risk.
At its peak, Dyn was flooded by 1.2Tbps of traffic, the highest volume of DDoS traffic ever recorded. The analysis of the attack confirmed that the DDoS traffic originated from Internet of Things (IoT) devices infected by the Mirai botnet.
McAfee supplied us with an advance copy of the report, which will be available online later today.