Study of Most Common Mac OS Threats Reveals Adware-Serving Trojans

Steering clear of adware-serving threats can be difficult—many are bundled with software or appended to malicious email attachments.

As a global security technology company that offers cutting-edge cybersecurity solutions and advanced threat protection technologies to more than 500 million users worldwide, Bitdefender has a unique perspective on threat landscapes and how threats evolve across platforms and spread globally. Our threat intelligence telemetry aggregates malware information from various sources, ranging from Windows, Mac OS, spam, phishing, and others, to provide award-winning protection against real-world threats across all major operating systems.

While the popular belief that Macs are not plagued by malware or threats is deeply rooted in the minds of many Apple users, our security experts debunked that myth long ago by pinpointing information-stealing Trojans, ransomware, aggressive adware, and even advanced persistent threats specifically designed for Macs. While it’s true that the volume of Mac malware is lower than that of malware targeting Windows-based systems, there has been an increased proliferation of threats tailored to Apple devices.

And many of those threats are coming from just a few sources. Almost 11% of all threats reported for Mac users during the first three quarters of 2017 involved Trojan.GenericKD, an aggressive adware Trojan usually bundled with legitimate software.

Once installed, it hooks deep into the system and starts hijacking browser traffic and interfering with the overall user experience. While technically not a virus, it exhibits many similar traits.

As the most-reported threat for Macs, Trojan.GenericKD’s purpose is to increase advertising revenue for attackers by redirecting victims to various websites and sometimes even installing additional components.

The second-most-reported threat is W97M.Downloader, which is similar in purpose to the Trojan.GenericKD family, but can also be used by threat actors as a tool to collect private information. Commonly encountered on Windows-based systems, the threat has also been ported to the Mac OS.

The same Bitdefender telemetry identified the third-most-prolific threat family for Mac as Adware.MAC.Pirrit. As the name implies, it’s a PUA (Potentially Unwanted Application) or PUP (Potentially Unwanted Program) that unleashes an overload of adware on the infected computer and injects ads into all installed browsers. While it’s usually considered a low-priority threat, this malware family also has capabilities that could allow attackers to completely take control of an infected system.

Besides injecting ads, Adware.MAC.Pirrit can collect personal user or business information. Commonly distributed using fake Adobe Flash or Microsoft Office updates, it’s extremely covert once installed, making manual removal painstakingly difficult.

Steering away from these Mac threats and adware-serving families can be difficult, as they’re either bundled with software that seems legitimate or they’re appended to malicious email attachments. Exercising caution in both cases is a good way of staying safe, but installing a security solution for Mac OS will ensure everything you download is clean.

A dedicated Mac security solution will also make sure that visited websites are legitimate and that you won’t fall victim to phishing, fraudulent websites, or malware-disseminating URLs.