Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
OS X Security Software Apple

Nearly 50% of macOS Malware Comes From One App (neowin.net) 74

joshuark writes: Yikes, gadzooks, and shiver my timbers! Elastic Labs has found surprisingly that 50% of malware comes from one app: MacKeeper, ironically. Ironic in that MacKeeper claims to "keep your Mac clean and safe with zero effort." MacKeeper also has a tainted reputation for being difficult to completely uninstall and as a malicious antivirus.

A new spin on the biblical phrase, "Am I my brother's keeper..." Well, when the inmate is running the asylum.
The findings appear in Elastic Security Labs' recently released 2022 Global Threat Report. As Neowin reports, MacKeeper "can be abused by threat actors because it has extensive permissions and access to processes and files."

With that said, the report found that only 6.2% of malware ends up on macOS devices, compared to 54.4% and 39.4% on Windows and Linux, respectively.
This discussion has been archived. No new comments can be posted.

Nearly 50% of macOS Malware Comes From One App

Comments Filter:
  • by CaptainLugnuts ( 2594663 ) on Thursday November 17, 2022 @08:47PM (#63059886)
    Only one way to do each thing?
    • No. He wanted a computer so simple and elegant, a housewife could use it. That is exactly what a Mac is. They generally just work. You do not need to install all of these piece of shit maintainers. It does it for you.
      • by DamnOregonian ( 963763 ) on Thursday November 17, 2022 @11:43PM (#63060148)
        lol. I moved to an all-Mac platform with the Apple Silicon transition (Started with an Air, upgraded to an MBP) after 15 years of exclusively using Linux for my workstation (with plenty of windows use for gaming).

        macOS isn't terrible as a system to use. Less featured than Windows or GNOME/KDE in most cases. About equally as "buggy" (where that can be defined as shit that should work, but just doesn't)

        And of all 3- has the most consistent track record of breaking my software every single fucking upgrade, lol.

        Ultimately, the idea that they're somehow "better" for the layman is fucking nonsense.

        I acknowledge that my view isn't mainstream (after all, I find a GNOME desktop [modified heavily, of course]) as the superior option of the 3, but it also means I'm less steeped in the kool-aid.
        And you can't argue that I'm just sour grapes for not having one of these superior computing devices, being I'm typing this on a $7000 Mac laptop.
        • Well, I switched to Mac from Windows some years ago and my experience is not the same (opposite even?).

          I don't see these fantastic, indispensable Windows features (I have to use Windows for work) that people always refer to - perhaps you could be more explicit

          I haven't had problems with broken software - again maybe you can be specific?

          When I have tried Linux desktop, I find it a confusing set of poorly structured UI elements that seem to resolve to command line commands but with limitations. It's
          • by DamnOregonian ( 963763 ) on Friday November 18, 2022 @03:36AM (#63060354)

            Well, I switched to Mac from Windows some years ago and my experience is not the same (opposite even?).

            I'd be unsurprised. Apple kool-aid is notoriously powerful stuff.

            I don't see these fantastic, indispensable Windows features (I have to use Windows for work) that people always refer to - perhaps you could be more explicit

            Right off the bat, ability to manage the system sound server to set the volume for specific applications :P
            Would you like me to make an exhaustive list for you?

            I haven't had problems with broken software - again maybe you can be specific?

            Install MacPorts, you'll understand.
            If you're using nothing but Application bundles, then you're probably gonna have an easy go of it. But my system is a workstation. I need to be able to work with POSIX software- a supposed strong point of macOS.

            When I have tried Linux desktop, I find it a confusing set of poorly structured UI elements that seem to resolve to command line commands but with limitations. It's never been anything remotely viable (I am an extensive Linux user for server type work).

            Every UI has elements placed in poorly structured areas. Those who think macOS is an exception to this are again, steeped in the kool-aid.
            Full Screen operation is the most laughably silly that comes to mind. Full screen iMessage. Attempt to use upper widgets without accidentally triggering the pop down title bar, which will then half-cover those elements.

            • Ah yes, I largely avoid using MacOS for software development other than Mac or iOS software. I do all my "generic" software development (read plain C, database stuff etc.) on linux and all in command line. Ergo I have no experience of trying to do cross platform dev on a mac.

              Regards ability to change volume by specific app, I can see that might be useful, however I never tried to find that capability on Mac or on windows so presumably (fro me) its utility isn't something I miss. I'm sure there are lots o
              • It may not be kool-aid consumption. And to be fair- not once have you told me that I'm holding it wrong, or that "you shouldn't be trying to do that anyway", or "that's a stupid feature", so I think I probably owe you an apology for assuming you were one of the rabid Apple fans.
              • Regards ability to change volume by specific app, I can see that might be useful, however I never tried to find that capability on Mac or on windows so presumably (fro me) its utility isn't something I miss.
                That is no problem on macOS anyway. Every Application that is "using media" has its own sound settings.

                If he wants an alert sound from Word be different loud than one from PowerPoint, then he is out of luck.

                • That is no problem on macOS anyway. Every Application that is "using media" has its own sound settings.

                  Incorrect. Here's a tip for you- never, ever, make blanket statements like that. It makes you look stupid. To prove you wrong, one merely needs to show one single piece of evidence that goes against your claim.

                  If he wants an alert sound from Word be different loud than one from PowerPoint, then he is out of luck.

                  Correct, but unrelated.

            • I haven't had problems with broken software - again maybe you can be specific?

              Install MacPorts, you'll understand.

              If you're using nothing but Application bundles, then you're probably gonna have an easy go of it. But my system is a workstation. I need to be able to work with POSIX software- a supposed strong point of macOS.

              I've found Homebrew https://brew.sh/ [brew.sh] to be better than MacPorts. I've never had an issue with minor number updates and I've never had an update with major number updates when I've waited until the Homebrew maintainers say it's ready to go. Are you doing major version upgrades of macOS without checking if MacPorts have everything ready to go?

              • I've found Homebrew https://brew.sh/ [brew.sh] [brew.sh] to be better than MacPorts. I've never had an issue with minor number updates and I've never had an update with major number updates when I've waited until the Homebrew maintainers say it's ready to go. Are you doing major version upgrades of macOS without checking if MacPorts have everything ready to go?

                The issue isn't MacPorts, or homebrew per se, it's the development toolchains, and trying to build stuff.
                Homebrew by default ships built binaries which (generally, though sometimes absolutely do not) work after an upgrade.
                Attempting to rebuild them will usually break until everything is patched up. Since all of homebrew and all of MacPorts aren't maintained as a single cohesive unit (how could they be?) what follows after every major update is a several month period where people try to get stuff to build

            • I haven't had problems with broken software - again maybe you can be specific?

              Install MacPorts, you'll understand.

              Ok, now it becomes clear!

              Apple is responsible for the Stability of a Third-Party, Cross-Platform, Package Manager?

              Riiight. . .

              • Apple is responsible for their platform being stable.
                They are, of course, entitled to say, "we give zero fucks about stability"- and they have.

                And I am entitled to say that makes for a shit operating system.

                Your comment belies a fundamental lack of understanding of how software works.
                When you have 2 pieces of software, 1 changes, and 1 does not, you would blame the one that did not change for breaking.
                It's pretty humorous. Shill on, pond scum.
                • Apple is responsible for their platform being stable.

                  They are, of course, entitled to say, "we give zero fucks about stability"- and they have.

                  And I am entitled to say that makes for a shit operating system.
                  Four Decades as a paid Embedded Developer, and another six or so as a Application Developer for Windows crap.

                  Yeah. No idea. Never seen an IDE; never written a Make File.

                  Your comment belies a fundamental lack of understanding of how software works.

                  When you have 2 pieces of software, 1 changes, and 1 does not, you would blame the one that did not change for breaking.

                  It's pretty humorous. Shill on, pond scum.

                • Apple is responsible for their platform being stable.

                  They are, of course, entitled to say, "we give zero fucks about stability"- and they have.

                  And I am entitled to say that makes for a shit operating system.

                  Your comment belies a fundamental lack of understanding of how software works.

                  When you have 2 pieces of software, 1 changes, and 1 does not, you would blame the one that did not change for breaking.

                  It's pretty humorous. Shill on, pond scum.

                  I hate Slashdot's inability to allow a fucking edit!

                  What I said was:

                  Yeah. No idea. Never seen an IDE; never written a Make File.

                  Right.

                  • Everyone reading agrees- you haven't.
                    If you had, you'd have been fucked by the xcode command line tools breaking on the Monterey update, lol.
            • Would you like me to make an exhaustive list for you?
              Actually yes.

              Full Screen operation is the most laughably silly that comes to mind. Full screen iMessage.
              Full Screen on Macs is a nightmare, I wonder why they did not finally fix it since half a decade or more.

              But: who is so silly to use something like iMessage in full screen mode?

              • Actually yes.

                Lack of per-Application control for Core Audio. This is a feature that Linux (via Pulse, and now PipeWire) and Windows have support for years, and years, and years.
                Screen edge snapping for windows. Again, mainstay in Linux and Windows for years, and years, and years
                DPI control for monitors (if macOS mis-guesses your screen DPI because it misreads DDC data, you're shit out of luck)
                The ability to treat a mouse differently from a trackpad with regard to system wide settings (like scrolling direction)
                The

        • Religion sucks in both real life and in computing too,

          My main "get shit done" machine is an arm mac. I like using it, because I understand it, and the underlying unix infrastructure makes my job as a software developer MUCH nicer.

          For backend work for almost exlusively Linux servers, and occasionally FreeBSD. Occasionally I'll have to code for windows server but I gotta be honest, I really dont enjoy it, dot net is not my cup of tea, but no judgement from me, jut a preference.

          For mobile dev, I prefer to code

        • And of all 3- has the most consistent track record of breaking my software every single fucking upgrade, lol.

          Every single Upgrade? You poor baby!

          Let's see: You act like you've been long-suffering, through Upgrade after Upgrade; with each and every Upgrade bringing a massive horrorshow that broke "your software".

          All Software; or just "yours"? Perhaps there is an issue with "your software" (whatever that is!), instead?

          And since there has been only one Mature Upgrade of macOS (from Big Sur to Monterey, 11.0 to 12.0), since the first Macs with Apple Silicon, and one "barely out of beta" Upgrade (from Monterey to Ventu

          • Ah yes, enter the ignorant toolshed caped Apple Defender.

            Let's see: You act like you've been long-suffering, through Upgrade after Upgrade; with each and every Upgrade bringing a massive horrorshow that broke "your software".

            2 major upgrades and a number of minor ones since the release of the M1 Air.
            That's far more than enough to piss off anyone expecting the software stack on their device to continue functioning.

            All Software; or just "yours"? Perhaps there is an issue with "your software" (whatever that is!), instead?

            Of course not all software. And of course not just mine.
            Almost always, it's tooling software. Obviously, the applications that do little interaction with the system continue to work just fine.
            What I find funny about your response, is it's clear you have no fuc

          • Well, I have no idea about the parent.

            I upgrade macOS ... sometimes. Never had to upgrade a homebrew/fink (POSIX) app afterwards. Why would I? They usually don't use anything Mac specific.

            OTOH, ym Mac is a 2014 Intel one ... no idea what changed on Arm.

        • by dfghjk ( 711126 )

          "Ultimately, the idea that they're somehow "better" for the layman is fucking nonsense.

          I acknowledge that my view isn't mainstream..."

          That argument originated in the 80's, hasn't been true for 20 years, and cannot be let go by the SuperKendalls of the world. It has nothing to do with laymen or the mainstream, it is a tribal argument exclusively.

          Modern MacOS is better than Windows or Linux in significant ways, however, but not in lack of bugs or ease of use. The lack of a registry alone is worth it.

          • As noted, it's very easy to compile a list longer than this page of why Windows and/or Linux are "better" (i.e., more featureful)
            Thus, I reject entirely anyone saying any one of them is "better".

            It's simply too easy to point out things Macs fucking suck at, and things that other OS' do a lot fucking better.
            That isn't in any way to argue that macOS don't also excel at things. Because it does.

            For an example, I'm really enjoying the power and speed at which I can move around windows and workstations with
  • % of what? (Score:3, Insightful)

    by MeNeXT ( 200840 ) on Thursday November 17, 2022 @08:57PM (#63059922)

    I've been running and installing Mac, Windows, FreeBSD and Linux on systems deployed as workstations and servers. I have yet to find/see one Linux malware app. I would say that Windows through the updates has turned out to be 100% infected. First by unwanted apps. Then by tracking and now by advertising.

    It's starting to feel that if it's not open source, it has some hidden feature that is not to the users interest.

    • by Talchas ( 954795 )
      I'm guessing that the linux involved is 99.9% android.
      • I'm guessing that the linux involved is 99.9% android.

        That's impossible, Android is far more secure than iOS, particularly because of Android's side loading feature.

        • I'm guessing that the linux involved is 99.9% android.

          That's impossible, Android is far more secure than iOS, particularly because of Android's side loading feature.

          You forgot the Sarcasm tag!

          • I'm guessing that the linux involved is 99.9% android.

            That's impossible, Android is far more secure than iOS, particularly because of Android's side loading feature.

            You forgot the Sarcasm tag!

            Well, I felt I had laid the sarcasm on so thick that anybody would pick up on it but apparently there are enough people out there who didn't have a sarcasm detector installed at birth that somebody felt obliged to mod my comment down '-1 troll' which I for one think is '+1 funny'.

            • I'm guessing that the linux involved is 99.9% android.

              That's impossible, Android is far more secure than iOS, particularly because of Android's side loading feature.

              You forgot the Sarcasm tag!

              Well, I felt I had laid the sarcasm on so thick that anybody would pick up on it but apparently there are enough people out there who didn't have a sarcasm detector installed at birth that somebody felt obliged to mod my comment down '-1 troll' which I for one think is '+1 funny'.

              [rollseyes]

    • > I have yet to find/see one Linux malware app.
      Just because you can't find it doesn't mean it's not there.

      Tons of Linux servers, including those sitting at AWS, Azure and other cloud hosters get infected every single day.

      • Only because they never get updated or bad root passwords.
        They get infected because bad/no admins, not because Linux itself is vulnerable.

        If you use a simple passwords and do not use a lockout (which is installing one package) it will get guessed eventually.
  • Yeah. Right. That is one messed up study.
  • by NoWayNoShapeNoForm ( 7060585 ) on Thursday November 17, 2022 @09:06PM (#63059936)
    I see that MacOS has it's own version of McAfee anti-virus. It's called "MacKeeper".
  • by bruce_the_moose ( 621423 ) on Thursday November 17, 2022 @09:14PM (#63059950)

    As a Mac user, let me tell you all that MacKeeper is a nasty piece of shit. It's a hold over from the bad old days when storage and memory were dear. There is absolutely no reason to run such a thing nowadays.

  • I READ tfa. Assertions are made. Vague wording made me click. No sign of evidence to support the claims. There was a bar chart. Wooo. Elastic wants to gather your info to get the report. No thanks.

    I've done 100's of Linux deployments, never got malware. None of my colleagues ever mentioned such issues either. Not buying it. Somebody should read the report.
    • I READ tfa. Assertions are made. Vague wording made me click. No sign of evidence to support the claims. There was a bar chart. Wooo. Elastic wants to gather your info to get the report. No thanks.

      I've done 100's of Linux deployments, never got malware. None of my colleagues ever mentioned such issues either. Not buying it. Somebody should read the report.

      Ok. Maybe we're underestimating how big and dumb The Cloud is? You've got developer types slinging static linked binaries around left and right, access keys being checked into source control, etc. IDK, but here was the breakdown of Linux malware. It's easy to make fun of Windows users until you catch a big brained developer doing curl | bash

      "Diving a bit deeper, we identified that the largest contributor of Linux-based malware/payloads was Meterpreter at ~14%, followed by Gafgyt at ~12%, and Mirai at ~1

      • OK, you have some reasonable points, but... from the report, seems like apples and oranges. Correct me if I'm wrong, but macOS is a desktop OS and the Linux in question here, is Linux on servers... in the cloud . I.e. the research appears to be comparing malware on Mac desktops vs malware on Linux servers. Seems misleading.

        So... if 50% of macOS Malware Comes From One App... are there only 2 apps on the Mac?
    • I wonder if "Linux" includes Android, which, technically, Linux is Android. However, when people state Linux, they often mean a desktop or server OS, and not Android.

      Lumping in Android devices where security can range from extremely good to pretty much null can easily make for easy anti-Linux statistics.

    • I READ tfa. Assertions are made. Vague wording made me click. No sign of evidence to support the claims. There was a bar chart. Wooo. Elastic wants to gather your info to get the report. No thanks.

      I've done 100's of Linux deployments, never got malware. None of my colleagues ever mentioned such issues either. Not buying it. Somebody should read the report.

      I run macOS.

      No malware, ever. Not once since 1984.

      No "Antivirus" crap, either.

      Just don't click on stupid shit and then don't ignore the "This came from the Internet. Are you Sure you want to be Raped?" Warning, and you'll be fine!

  • ... macfascinating!

    next.

  • What kind of crap pirate talk is that? Did you learn pirate-speak from Muppet Treasure Island?

    • by piojo ( 995934 )

      "My" is pronounced "me" with the appropriate accent. It was never "shiver me timbers". It was always "my".

  • I am surprised that there is only 6.2% of malware on macOS.

    The oldest Mac you can use to install the latest macOS Ventura is from 2017.
    This is good, but it also means that there are many macs which can not be updated.
    https://support.apple.com/en-u... [apple.com]

    Windows 10 system requirements are 1 GHz CPU and 1 GB RAM from approximately 2009.
    https://support.microsoft.com/... [microsoft.com]

    You can install the latest version of a Linux distribution on practically anything.

    • I am surprised that there is only 6.2% of malware on macOS.

      The oldest Mac you can use to install the latest macOS Ventura is from 2017.
      This is good, but it also means that there are many macs which can not be updated.
      https://support.apple.com/en-u... [apple.com]

      Windows 10 system requirements are 1 GHz CPU and 1 GB RAM from approximately 2009.
      https://support.microsoft.com/... [microsoft.com]

      You can install the latest version of a Linux distribution on practically anything.

      And how many major (all-in) CPU Architecture changes have Windows and Linux made since, let's say, ever. That has a way of negatively affecting forward-compatibility of old hardware, ya know?

      But even though unsupported, crafty Hackers have managed to rejigger Frameworks and the occasional Driver to fairly successfully bring even post 10.x versions of macOS (i.e, Big Sur and Up) to Macs far older than 2017 models.

      But even though now Unsupported; my mid-2012 MacBook Pro was Officially Supported up through mac

      • by cgwprs ( 7969202 )
        The Linux kernel supports many CPU architectures some of them considered vintage. Only recently has the Linux kernel dropped support for 486 CPUs. Some of the computers that I use frequently were manufactured during the days of Windows Vista. There may be support for even more CPU architectures from BSD but I am not really a part of that community.
        • The Linux kernel supports many CPU architectures some of them considered vintage. Only recently has the Linux kernel dropped support for 486 CPUs. Some of the computers that I use frequently were manufactured during the days of Windows Vista. There may be support for even more CPU architectures from BSD but I am not really a part of that community.

          Those are like saying Windows supports PowerPC; because there was a tiny, neglected version that had PPC Support.

    • Apple will still release security patches for older hardware not capable of running the latest. Same way how microsoft will keep supporting win10 for those machines that can't update to win11 for the next few years at least. So not as good as 2009 but better than 2017 at least. Linux is the significant outlier in that you can often manage to get the latest version running on very old hardware. Though sometimes you'll have to compile stuff yourself to remove latent AVX instructions. I saw a video recently of
  • was it necessary to say "only 6.4% ends up...."

    It detracts focus from the article and make readers combative.

    Of course there are fewer viruses on Mac, it's a smaller market where less data of value is generally stored ... and Mac users generally store all their files in the cloud which provides history. It's a boring target.

    On the other hand, Linux is rarely properly secured (for a multitude of reasons), it's the most used and least maintained operating system by a minimum factor of 10, and the data associa
    • I'd believe those statistics if Android were lumped in, because Android is technically, Linux. However, the amount of infected/compromised Linux boxes I've had to deal with over the years has been precisely zero. The worst have been legit users deciding to sling mining software on a box back before it was ASIC mining or nothing.

    • and Mac users generally store all their files in the cloud
      Probably the silliest comment on /. since a few months ...

      • and Mac users generally store all their files in the cloud
        Probably the silliest comment on /. since a few months ...

        Not sure why it's silly. Doesn't Apple load iCloud on new machines by default these days?

        More specifically it should have been phrased "and Mac users generally store all their back-up files in the cloud.

  • John McAfee would be so proud to hear this company following in his esteemed footsteps by creating malware that people actually pay for and want to have on their computers.

  • As a Mac user for, I have always stayed away from MacKeeper, because it's been known issue !
  • by mrfaithful ( 1212510 ) on Friday November 18, 2022 @08:41AM (#63060758)
    I thought MacKeeper was a virus. You see it advertised in aggressive fashion on the scummier sites out there and many times I've had to cancel a "Do you want to download MacKeeper.dmg from blah.com?" Either there's a whole lot of trojans piggybacking on the name or the company has done some very scummy things to get it installed on as many machines as they can and with the best will in the world it's not a hop skip and jump away from malware.
  • The worst malware I've experienced is Time Machine. Destroyer of machines. Next might be Apple's memory management. I suspect there is more malware in Apple's base build than in the wild, but it's all semantically dismissed.

  • Are you trying to tell me that there are enough people out there who fell for those spammy MacKeeper ads for it to constitute the biggest threat on the platform?

    Those ads used to pop up in exactly the same fashion as any other blatantly obvious malware ad that you've ever read about, so naturally I never even remotely considered clicking on their ads... so how the heck did anyone fall for that crap?

Trap full -- please empty.

Working...