Macs can get viruses but do Macs need antivirus Do Macs get viruses? Do Macs need antivirus software? The answer isn’t as simple as it may seem. In this article, we look at the dangers faced by Mac users and the pros and cons of using Mac antivirus software.
Historically, the Mac has been consider to be safe and secure for a number of reasons that we will go into below, but in recent years that has shift considerably. In its report on the State of Malware in 2019 here, Malwarebytes said it saw a: “Significant rise in the overall prevalence of Mac threats, with an increase of over 400 percent from 2018”.
The good news is that in its State of Malware report in 2020 Malwarebytes found that the amount of malware detected on macOS actually decreased by 38 percent. But before you breathe a sign of relief, Malwarebytes stated that the worst kind of malware, namely “backdoors, data stealers, and cryptocurrency stealers/miners, increased by more than 61 percent” in 2020.
As for 2021, Malwarebytes indicated that “Overall Mac detections decreased by 38%, though Mac detections for businesses increased 31%”. Malware might be falling, at least for consumers, but other kinds of annoying programs continue to increase: “Malware account for just 1.5% of all Mac detections in 2020–the rest can be attribut to Potentially Unwant Programs (PUPs) and Adware,” said Malwarebytes of 2021.
It’s not only Malwarebytes that is reporting that viruses on the Mac is something to be concerned about: Apple is too! In May 2021 Apple’s software chief Craig Federighi took the stand at the Apple vs Epic trial and said that: “Today, we have a level of malware on the Mac that we don’t find acceptable.”
Federighi made the claim mainly to back up the need for an iOS App Store to protect iPhone and iPad users from malware on those devices. But he didn’t hold much back with regards to the malware situation on the Mac.
He revealed that 130 different cases of Mac malware have affected over 300,000 Macs since May 2020 and admitted that even members of his family had got malware on their Macs.
When the judge asked about the fact that Mac users can purchase and download software from various places on the Mac, rather than being limited to the Mac App Store, Federighi said: “Yeah, it’s certainly how we’ve done it on the Mac and it’s regularly exploited on the Mac. iOS has established a dramatically higher bar for customer protection. The Mac is not meeting that bar today.”
Federighi went on to explain that Mac users don’t download as much software as iOS users, so if iOS was as open to third-party downloads there would be a real problem for that platform. He said: “That’s despite the fact that Mac users inherently download less software and are subject to a way less economically motivated attacker base. If you took Mac security techniques and applied them to the iOS ecosystem, with all those devices, all that value, it would get run over to a degree dramatically worse than is already happening on the Mac.”
have a level of malware on the Mac
Finally, Federighi concluded: “Today, we have a level of malware on the Mac that we don’t find acceptable and is much worse than iOS. Put that same situation in place for iOS and it would be a very bad situation for our customers.”
So should Mac users start panicking now? To some extent there is reason for concern, but there are measures put in place by Apple at the operating system level that should protect Mac users from the worst malware threats.
Add a dedicate Mac security suite such as Intego Mac Internet Security to Apple’s protections and you should be well protect from these threats. You’ll find Intego at the top of our round-up of the best antivirus for Mac. Among others including McAfee and Norton.
As we will discuss below, Macs remains pretty secure thanks to a number of built-in security features that make attacking a Mac particularly challenging. These include Gatekeeper, which blocks software that hasn’t been digitally approved by Apple from running on your Mac without your agreement, and XProtect, which is Apple’s own antivirus built in to macOS. More on those security features below.
Can Macs get viruses?
The word virus gets use a lot more than it should be – a more accurate word would be malware. A computer virus is so calle because it is capable of replicating itself and spreading. A virus is only one type of malware of which there are many, and unfortunately there have been cases on the Mac.
We have a complete list of Mac viruses and malware in a separate article, but to summarise, Malware includes the following:
Adware: Once this malicious software is install on a Mac it will show advertisements. And pop ups for software – most likely for Potentially Unwanted Programs like those we will discuss next. According to Malwarebytes: “macOS’ built-in security systems have not cracked down on adware. And PUPs to the same degree that they have malware, leaving the door open for these borderline programs to infiltrate”.
Potentially Unwanted Programs (or PUPs): Famous examples include Advanced Mac Cleaner, Mac Adware Remover, and Mac Space Reviver. These apps tend to hound users, which is part of their downfall. s due to the bad reputations of some of these apps the number of Macs affected has fallen, according to Malwarebytes. So it seems that people are at least wising up to these dodgy programs.
Ransomware: Ransomware has been detected on Macs – although the most recent case ThiefQuest / EvilQuest – didn’t actually work very well (in fact some would suggest it was pretending to be Ransomeware, but actually it was just transferring data). Either way, it was quickly identified and stopped.
Cryptocurrency miners: Criminals have attempted to use Macs to mine bitcoin. And the like as in the case of LoudMiner (aka Bird Miner).
Spyware: Our data is incredibly valuable to criminals and spyware is design to obtain this information. One example of this would be the Pegasus spyware that was know to have infected some iPhones. This was enough of an issue for Apple to announce that they will. Warn users of spyware attacks like Pegasus (more on that below).
Phishing: We’ve all received phishing emails and we all know the dangers, but as criminals get more sophisticated (and maybe even learn to spell) can we be sure we won’t fall for a phishing attempt to gain our data or log in details. You may think that you will never fall for a phishing attempt. But could you be as confident about your parents?
Trojan Horse: A Trojan is a kind of malware that is hidden, or disguised in software. There are various kinds of Trojans. A Trojan could, for example, give hackers access to our computers via a ‘backdoor’. So that they can access files and steal your data. Essentially the name Trojan describes the method by which the malware gets onto your computer.
USB/Thunderbolt hack: There have also been cases where malware has been installed on Macs via a modified USB cable. There have even been security flaws associat with Thunderbolt which are discusse. How to protect your Mac from the Thunderbolt security flaw. Also read: Can Macs be hack?
It’s clear from these cases that there is a threat from malware on the Mac. And there are likely to be more cases in the future. Even the M1 Macs were targete shortly after they were introduce in November 2020. The Silver Sparrow malware targeted both M1 Macs and Macs that use Intel processors.
One good thing is that Adobe ended support for Adobe Flash on 31 December 2020. At least this should reduce the number of cases of Mac malware disguised as the Flash Player arriving on the Mac.
Do Macs need antivirus?
Having just demonstrat that there is a the risk pose by Mac malware you might be thinking. That it’s clear that Macs need antivirus, but that’s not necessarily the case.
Apple goes to great lengths to protect you from malware by making it almost impossible. For you to download it in the first place, let alone install it.
For example, Apple has anti-malware protection known as XProtect built into into macOS that inspects every app for malware. Apple also has Gatekeeper, a feature of macOS that checks that any app you attempt. To open or install has come from a certified developer.
Thanks to these features, before you can install an app, your Mac will check it against a list of malware, and even if there is no reason for concern it will not make it easy for you to open an application from a developer that it hasn’t approved.
In the next section we’ll run through all of these macOS specific features. That should keep you safe from Mac malware. But keep on reading to find out why they may not be enough.
How Apple protects Macs from viruses
Macs are generally safer than PCs, but with the threat to the Mac growing due to. The increasing popularity of the platform (both with consumers and with those who wish to target Mac users). Apple has had to build in protections to macOS and the Mac hardware itself.
In this section we will look at the inbuilt protections in macOS and will establish whether they are enough. Or if you should also install antivirus software on your Mac.
How XProtect works
The Mac’s malware scanning tool, XProtect, works invisibly and automatically in the background and requires no user configuration. Apple has a list of malicious applications that it checks against when you open downloaded applications. XProtect is regularly update by Apple, and it updates in the background, so you should always be protect.
This is similar to having antivirus software from a third party software developer running on your Mac. With the bonus of being written into the operating system and therefore it doesn’t hamper the speed of your Mac.
If you download and try to open files contaminated with malware. You may see an explicit warning that the files will “damage your computer”. Along with a reference to type of malware. In that case you should delete the file immediately.
This is great news for Mac users, but is it enough? How does XProtect compare to the antivirus solutions out there? Well, XProtect may not be as up to date as some of the solutions. And it doesn’t look for as many strains of malware as the third-party solutions do. Read our round up of the Best Mac Antivirus Apps.
How Gatekeeper works
Thanks to Gatekeeper, macOS blocks download software that hasn’t been digitally sign – a process in which Apple approves the developer. This leads to the familiar error message when you try to use or install unsigned software: “[this app] can’t be opened because it is from an unidentified developer.”
GateKeeper can protect you by only installing software downloaded from the Mac App Store. Or you can set it to allow you to install software from the web – but from verified developers.
One change to Gatekeeper that arrived in macOS Catalina includes software being check for malware. And other issues every time it runs, rather than just the first time you install it.
You can adjust these settings via the Security & Privacy section of System Preferences:
- In Security & Privacy select the General tab
- Choose from the options underneath Allow Applications Downloaded From.
- Choose App Store or App Store and Identified Developers.