Malwarebytes: Macs Outpaced PCs in Number of Malware Threats Detected Per Endpoint in 2019, But Most Are Adware

Amazing Iceman

And therein is the real REAL problem. Believing this can only happen to those people.

I've seen these malware installers on all kinds of sites that "normal" people would not likely say are "weird". The most prevalent (currently) seem to be sites that offer PDF manuals or books. The bad guys have figured out that people often go searching for manuals and books online, and, apparently, people go searching for manuals and books online quite a lot! It is the new "pirating a movie", methinks. So… is it "weird" that you're downloading a Kubota tractor maintenance manual off a website with a .ru TLD? To me? Yeah. To you, Amazing Iceman? Probably. But to my 75 year old father? He searched, they had it, why not download it? Oh, and it is in a DMG… that if he double clicks on it, it opens and tells him he needs to install Adobe Acrobat to open the manual and helpfully offers to do that? That's "computer", so he does. You or I… no… we know better. But it isn't weird at all to him. And that's the level we're dealing with.

Guess what, dear Dad lost his $3000 27" iMac account Admin privileges. He can't install anything now. But Apple is still making every default first log-on user with Admin privileges!

Have any of you tried to operate a Mac recently with only Standard User privileges?

(Here's a hint: go download Privileges by SAP; it is a nice app to have in the arsenal.
https://github.com/SAP/macOS-enterprise-privileges )
You are very right. Yesterday I was helping a user who ran into a popup window that said his computer was infected with malware, and to call Microsoft support, etc.
This user was not in a 'weird' site. I checked his history and found nothing dubious.
Next, using that information, I tried to find the source of that popup using my Windows VM.
Surprise! I found it in one of the video article links of MSN, which is part of the default Windows 10 browser home page.

I attached it below... Now... how in the world could a regular user know what to do here?
Notice the password prompt, ready to steal the user's password. And the user may be willing to enter it, especially in a business environment, due to guilt of having infected the computer, and trying to avoid a superior from finding out about it.
If this happens to a family member, it would depend on how approachable we are to assist them.
Do we happily help or get annoyed by their calls?

Because most of these popups are embedded into fake Ad Banners, one thing that may help quite a lot is to use an Ad Blocker, such as AdGuard. But educating the user is the most effective solution.

Now look at the attachment, and tell me how effective it is...

Screen Shot 2020-02-12 at 14.04.56.png
 

Unregistered 4U

how in the world could a regular user know what to do here?
This is why I think an Ad Blocker would be more effective and efficient than Malwarebytes. I mean, I’d imagine MWB is checking any number of different things on your computer constantly, affecting performance and if you’re mobile, battery life. Ad Blockers do a LOT less and are effective against the primary vector... the user. :)

Thanks to Malwarebytes for providing a commercial for Ad Blockers!
 

NickName99

This is why I think an Ad Blocker would be more effective and efficient than Malwarebytes. I mean, I’d imagine MWB is checking any number of different things on your computer constantly, affecting performance and if you’re mobile, battery life. Ad Blockers do a LOT less and are effective against the primary vector... the user. :)

Thanks to Malwarebytes for providing a commercial for Ad Blockers!
I couldn’t agree more. This whole story just reinforces the need for ad blockers. Most malware comes in through ads these days.

It’s sad because websites are largely paid for by ad revenue, these bad ads are driving users to use ad blockers, which in turn is driving websites to move to subscription models.
 

Timothy Leo Crowley

I was so hoping MacRumors would skip this one. Much of the other "tech press" is repeating the Malwarebytes advertisement verbatim. I was hoping you were better than that. Nope. I guess not. Sad state of today's tech press. Garbage in. Garbage out. I would never put this crap on one of my computers. Ick.

And of course is immediately discredited in your eyes, never mind that a company whose business is to protect against malware would be perhaps the most knowledgeable about malware threats :rolleyes:
Their business is to sell software. This was an advertisement masked as a press release.
 