Does your Mac need antivirus software?

By Martyn Watts | Posted in Articles

Introduction

There’s an age-old belief in the tech world that Macs don’t get malware and therefore don’t need antivirus software. Well, we know that isn’t true – security firms have uncovered malware specifically targeted at Mac computers in 2019. But is it true that Macs are less vulnerable than Windows PCs?

The belief that Macs are fairly resilient to malware isn’t just idle fanboy-ism. Windows PCs make up roughly 90% of the market, making them a much more attractive target to malware makers.

Built-In macOS Protection

Macs do have some stellar built-in tools that protect you right off the bat. For example, when you download an app from the internet, your Mac checks it against a list of known malware apps using the built-in XProtect system. This works invisibly in the background, meaning it needs no maintenance or activation and doesn’t slow down your Mac. The Gatekeeper system, meanwhile, will prevent the app from opening without your permission if it hasn’t been digitally signed. A digital signature means the app has been approved as safe by Apple themselves.

On top of that, most apps are sandboxed. This means they are restricted to doing what they’re meant to do, without being allowed to interfere with or needlessly access critical system files, infrastructure and settings.

 

Limitations of Built-In Protection

Ironically, the nature of sandboxing on macOS actually restricts antivirus software, at least if you download it from the Mac App Store.

By default, an antivirus app from the Mac App Store would not be able to gain access to most of the files on your hard drive. Even if you grant access to the entire hard drive, many of those files cannot be removed by an App Store app. This means App Store antivirus is less likely to be able to detect all threats, and is also less likely to be able to remove all threats.

 

Common Malware Causes

If you fall victim to Mac malware, it’s less likely to be at the hands of a traditional virus and more likely due to you being tricked into installing malicious software masquerading as a trustworthy app — Mac Defender being a well-known example.

Apple’s safeguards are not enough for full protection on their own. For example, while the built-in Gatekeeper can block apps that originate from third-party or untrusted developers, it can easily be bypassed by the user with a couple of clicks.

We may think that an app has been unnecessarily flagged by Gatekeeper (or get “dialogue fatigue” and allow it to run without thinking), thereby inadvertently opening the door to malware. Or we may see a well-made forgery of a trustworthy website, leading to us giving away our bank details to fraudsters.
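
As an added example (not part of the original article), this is one way to check a flagged app with macOS's own `xattr`, `codesign` and `spctl` command-line tools before deciding whether to override a Gatekeeper warning. The function name `check_app` and the app path in the usage comment are illustrative assumptions.

```shell
#!/bin/bash
# Added example: check a downloaded app with macOS's own command-line tools
# before deciding whether to override a Gatekeeper warning.

# check_app PATH: prints one line per check; returns 0 only if the signature
# is intact AND Gatekeeper would allow the app, 2 if the tools are missing.
check_app() {
    app="$1"
    failures=0

    for tool in xattr codesign spctl; do
        if ! command -v "$tool" >/dev/null 2>&1; then
            echo "missing tool: $tool (these ship with macOS)"
            return 2
        fi
    done

    # 1. Files downloaded by browsers and mail clients are normally tagged
    #    with the com.apple.quarantine attribute.
    if xattr -p com.apple.quarantine "$app" >/dev/null 2>&1; then
        echo "quarantine: present (file was downloaded)"
    else
        echo "quarantine: absent"
    fi

    # 2. Is the digital signature present and unmodified?
    if codesign --verify --deep --strict "$app" >/dev/null 2>&1; then
        echo "signature: valid"
    else
        echo "signature: INVALID or unsigned"
        failures=$((failures + 1))
    fi

    # 3. Would Gatekeeper's policy allow this app to run?
    if spctl --assess --type execute "$app" >/dev/null 2>&1; then
        echo "gatekeeper: accepted"
    else
        echo "gatekeeper: REJECTED"
        failures=$((failures + 1))
    fi

    [ "$failures" -eq 0 ]
}

# Usage (the path is a placeholder): ./check_app.sh /Applications/Example.app
if [ "$#" -gt 0 ]; then
    check_app "$1"
fi
```

An invalid signature or a rejected assessment is a reason to leave the Gatekeeper warning in place rather than click through it.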

Ultimately, antivirus software alone will never be enough. You always need to back it up with a strong dose of common sense.

  • Don’t download apps from questionable sources
  • Don’t overrule Gatekeeper’s warnings without a high degree of caution
  • Don’t click links in emails from unknown senders
  • Don’t listen to suspicious websites prompting you to install Adobe Flash Player (for example) or any other app.

That said, an efficient and non-intrusive antivirus app can be a useful tool in keeping your Mac safe. It can help to cover ground that’s missed by Gatekeeper, XProtect and the other security measures in place on your Mac.

Conclusion

We recommend that you install antivirus software on your Mac. Our recommended anti-virus solution is Sophos. We have found this has the minimum impact on system performance whilst also providing top-notch protection.

Sophos benefits from a global community of users. This ensures your Mac is most likely to be protected by a reputable company on the front-line of malware protection due to its huge installed base of other customers. Sophos also has elevated privileges to enable it to securely scan your entire Mac hard drive for malware without the limitations inherent in sandboxing.

Installing anti-virus is not the whole solution to online security, but backed up with plenty of common sense it goes a long way to keeping your Mac safe. Do all of that and you stand a good chance of keeping Mac malware at bay.

If you wish for us to contact you with more information or a quote please get in contact

 

 

Top 10 Malware on macOS in 2019

  1. OSX.DOK: This installs a hidden version of the Tor browser and other tools designed to steal user data, capture the traffic, and enable stealth communication. It is delivered via a phishing campaign and it’s able to read all internet traffic, even encrypted traffic.
  2. CookieMiner: This malware doubles as a cryptominer and backdoor. If it infects a user’s machine, it can steal cryptocurrency account details and possibly steal the user’s funds.
  3. Lazarus malware: An oldie but a persistent threat, Lazarus malware enables attackers to take total control of a device. They use a backdoor linked to a command-and-control server to take over the device.
  4. OSX.Pirrit: This is an adware and browser hijacker that makes money off infected users’ internet searches. It redirects users to dodgy websites and may be able to steal data and spy on users.
  5. OSX.Siggen: This is malware delivered through a fake WhatsApp app. Attackers can take control of the device through a backdoor.
  6. OSX.Loudminer: This is generally delivered through downloads of ‘cracked’ audio software, including Ableton Live. It will then take over a user’s computer to conduct cryptomining activities.
  7. KeyStealDaemon: This malware leverages a now-patched zero-day that could still infect users who don’t keep their operating system up to date. The malware can steal passwords.
  8. OSX/Linker: This makes use of another zero-day, which Apple hasn’t yet patched. It is delivered through fake Adobe Flash Player installers. Attackers can trick users into mounting a malicious disk image, which they can use to execute malicious code.
  9. OSX-Mokes and OSX.Netwire/Wirenet: These mimic legitimate names such as ‘Dropbox’, ‘Chrome’ and ‘Firefox’ to avoid detection. Attackers can create a backdoor that can take screenshots, record keystrokes, and steal user data.
  10. OSX/CrescentCore: This is a dropper that tries to monetise downloads and browser searches on an infected machine through the likes of scareware, bloatware, and search hijack software. “The problem with these PUPs and adware installers is that they eventually grind the user’s machine to a halt with all the unnecessary tasks they run. As well as harm productivity as users are distracted by unwanted browser pages, popups and fake virus alerts.”

 

Sources

https://securitybrief.co.nz/story/10-times-malware-proved-that-macos-isn-t-bulletproof

https://www.digitaltrends.com/computing/does-your-mac-need-antivirus/
