Microsoft Corp.’s Windows operating system suffered nearly seven times more malware attacks than Apple Inc.’s macOS so far this year, reaffirming its position as the primary target for cybercriminals, according to new research from Surfshark.
From Jan. 1 to Aug. 24, 2025, Surfshark Antivirus logged 479,000 malware detections globally. Of those, 419,000 or 87.4 percent were on Windows devices, compared with 60,000, or 12.6 percent, on macOS. While Windows’ broader market share helps explain the disparity, the data also highlights critical weaknesses that make it attractive to attackers.
Windows holds about 71 percent of the global desktop market, down from 77 percent in 2020 but still well ahead of macOS at roughly 15 percent. The dominance is even more pronounced in certain markets, such as South Korea, where Windows accounts for 85 percent of desktops. “Attackers naturally focus their efforts on platforms with the greatest potential impact,” Surfshark said.
The research also shows stark differences in the types of threats each operating system attracts. On macOS, viruses made up 28 percent of detections, followed by trojans at 26 percent, riskware at 15 percent, adware at eight percent, and exploits at seven percent. The findings challenge the widespread belief that Apple devices are immune to malware.
Read also: Microsoft reaches $4 trillion valuation after solid results – Reuters
Windows, by contrast, faces its biggest threat from PowerShell scripts. PS1-based malware accounted for 22 percent of detections, followed by trojans at 21 percent, viruses at 17 percent, heuristic detections at 14 percent, and potentially unwanted applications at 11 percent. The heavy reliance on PowerShell, a legitimate administrative tool often repurposed by hackers, leaves Windows particularly exposed.
Monthly data reveals how quickly attacks can escalate. July saw 100,000 malware detections on Windows, more than double the typical monthly average of 47,000. More than half of those were linked to PowerShell exploitation of SharePoint vulnerabilities, enabling attackers to deploy ransomware payloads and steal credentials.
April and May also saw notable spikes in PowerShell-related threats, with 13,000 and 23,000 detections, respectively. By contrast, macOS infections fluctuated more moderately, without dramatic surges.
The findings underscore the importance of regular patching and updates. Both Microsoft and Apple release frequent security updates, but Surfshark warned that exploits remain effective when users delay installation. In 2025, seven percent of malware on macOS fell into the exploit category, showing attackers actively target unpatched systems.
“While macOS is not malware-proof, Windows continues to be the prime focus for cybercriminals due to its larger user base and exploitable tools like PowerShell,” Surfshark said.
