
KaliYoni

macrumors 68000
Feb 19, 2016
1,729
3,808
This is a good collection of articles, written by a highly respected macOS developer, about how–and how well–the malware defenses built into macOS work:

Some important points:
  • "The effectiveness of the security protection built into current macOS depends on security settings, the malware itself, and the user [italics mine]."
  • "...the great majority of users are oblivious of the detection and remediation of malware on their Macs, which occurs in complete secrecy. The answer to my question in the title of this article [How do you know when macOS detects and remediates malware?] is therefore that you don’t know."
  • "Getting known malware to run in Ventura 13.1 isn’t an easy task. Even when you do your best to bypass its protection, macOS bounces back and blocks you. In the end, to give the malware a fighting chance of success, I reduced security, disabled SIP, and disabled the security assessment policy subsystem, as reported in detail by SilentKnight."
  • "...[XProtect Remediator] scans tend to be run during periods of user inactivity, often in the middle of the night. Currently, daily scans here occur in the hour after midnight..."
----------
ETA: the original articles, unaggregated, are archived on the author's website here:
 

bogdanw

macrumors 603
Mar 10, 2009
5,712
2,749
macintouch.com/post/28672/macos-anti-malware-mechanisms-2

"Getting known malware to run in Ventura 13.1 isn’t an easy task. Even when you do your best to bypass its protection, macOS bounces back and blocks you. In the end, to give the malware a fighting chance of success, I reduced security, disabled SIP, and disabled the security assessment policy subsystem, as reported in detail by SilentKnight."

That site doesn’t load for me and users should be careful to always access the https address. https://sitecheck.sucuri.net/results/macintouch.com

Blocking “known malware” is the basic function of Gatekeeper. It’s also a very low standard for a security defense in 2023 and can easily be bypassed by repacking known malware.
Here is an example of macOS defenses being bypassed by simply adding two spaces in the malware script
Code:
https://youtu.be/cAl7epCq0q4?t=2323
20 December 2022 Patrick Wardle: “Gatekeeper, released over a decade ago (July 2012), is still trivial to bypass.”
Referring to “Achilles” CVE-2022-42821 https://www.microsoft.com/en-us/sec...hilles-heel-unearthing-a-macos-vulnerability/

Bringing SIP into discussion is misleading.
I am not aware of any recent malware that tries to disable SIP.
I am not aware of any recent malware that targets users with SIP disabled.
Here is an example of malware stopping its execution when running on a system with SIP disabled
Code:
https://youtu.be/MAgrD3enYSg?t=1632

To assess the security provided by Ventura, take a look at the security content of macOS Ventura 13.1 https://support.apple.com/en-us/HT213532
You can find “An app may be able to execute arbitrary code with kernel privileges” seven times and one time “Apple is aware of a report that this issue may have been actively exploited”.
These are mentioned because they were reported by security researchers, “good people”. We don’t know how many Apple has silently fixed, that is without publicly acknowledging their existence, nor how many have been discovered by “bad people” and are currently actively exploited.
For an overview, search for Apple in CISA’s “Known Exploited Vulnerabilities Catalog” https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Not all users can upgrade to Ventura and Apple is deliberately leaving users vulnerable to known vulnerabilities on previous OS versions.
More here https://www.intego.com/mac-security...y-make-users-security-and-privacy-precarious/
One of the latest examples: CVE-2022-42856 fixed on 9 November 2022 in Ventura, but only on 13 December 2022 on Big Sur and Monterey
https://support.apple.com/HT213504
https://support.apple.com/HT213534
https://support.apple.com/HT213533
 

bogdanw

macrumors 603
Mar 10, 2009
5,712
2,749
I have downloaded the free version, but it's only for 14 days

I did a system scan and it checked 38,261 items. Then I plugged in an external drive and ran it again, and it still says the same number of items checked. Shouldn't it scan external drives as well?

Can't see an option with this free version to scan specific drives
As proven here https://forums.macrumors.com/threads/how-safe-is-malwarebytes-for-mac.2378702/post-31920399 Malwarebytes does not scan your entire hard drive.
Get from App Store the free apps
Intego VirusBarrier Scanner https://apps.apple.com/app/intego-virusbarrier-scanner/id1200445649
Bitdefender Virus Scanner https://apps.apple.com/app/bitdefender-virus-scanner/id500154009
and you can select what to scan, including external drives.
 
  • Like
Reactions: MarkC426

MarkC426

macrumors 68040
May 14, 2008
3,574
2,000
UK
I have downloaded the free version, but it's only for 14 days

I did a system scan and it checked 38,261 items. Then I plugged in an external drive and ran it again, and it still says the same number of items checked. Shouldn't it scan external drives as well?

Can't see an option with this free version to scan specific drives
As stated by @bogdanw Intego Virus Scanner is great for free, it never runs out. It just won't do real-time scanning etc.

I have had the full Intego suite going back to my G5 PPC Mac.
 

Fishrrman

macrumors Penryn
Feb 20, 2009
28,442
12,555
Re Malwarebytes:
"I have downloaded the free version, but it's only for 14 days"

After the 14-day trial ends, it will offer you an option:
- "upgrade" to the paid version
or
- convert into free version

Choose the free version.

What's the difference?
- the paid version scans in "real-time"
whereas
- the free version only scans when you launch and run it.

The free version is "good enough for me"...
 
  • Like
Reactions: MarkC426

Choco Taco

Suspended
Nov 23, 2022
615
1,064
As proven here https://forums.macrumors.com/threads/how-safe-is-malwarebytes-for-mac.2378702/post-31920399 Malwarebytes does not scan your entire hard drive.
Get from App Store the free apps
Intego VirusBarrier Scanner https://apps.apple.com/app/intego-virusbarrier-scanner/id1200445649
Bitdefender Virus Scanner https://apps.apple.com/app/bitdefender-virus-scanner/id500154009
and you can select what to scan, including external drives.
It's not supposed to. It scans vital areas and also constantly scans system memory and any activities going on in real-time. If anything happens, it's on top of it. That's why it scans so quickly. And the near zero hit to computer performance is why I like it. Malwarebytes bought out Adware Medic almost a decade ago, which was an amazing app for Mac. The hate Malwarebytes gets is incredibly undeserved.
 

bogdanw

macrumors 603
Mar 10, 2009
5,712
2,749
It's not supposed to. It scans vital areas and also constantly scans system memory and any activities going on in real-time. If anything happens, it's on top of it. That's why it scans so quickly. And the near zero hit to computer performance is why I like it. Malwarebytes bought out Adware Medic almost a decade ago, which was an amazing app for Mac. The hate Malwarebytes gets is incredibly undeserved.
The praise Malwarebytes gets is based on false information.
Example of Malwarebytes “real time protection” doesn’t stop installing malware, enter password into malware installer. https://forums.macrumors.com/threads/malwarebytes.2305923/post-31338621
Drag & drop malware inside the Malwarebytes app, with “real time protection” https://forums.macrumors.com/threads/malwarebytes.2305923/post-31342099
 
  • Like
Reactions: Choco Taco

Choco Taco

Suspended
Nov 23, 2022
615
1,064
The praise Malwarebytes gets is based on false information.
Example of Malwarebytes “real time protection” doesn’t stop installing malware, enter password into malware installer. https://forums.macrumors.com/threads/malwarebytes.2305923/post-31338621
Drag & drop malware inside the Malwarebytes app, with “real time protection” https://forums.macrumors.com/threads/malwarebytes.2305923/post-31342099
That makes it quite useless. Thanks. Guess I'm going back to Bitdefender.
 

Dave2022

macrumors newbie
Aug 11, 2022
12
2
I’ll be purchasing a new MacBook Pro in the next couple of weeks. I currently have a 14 year old MacBook Pro and at the time there were fewer Mac users, so never used anti-virus or malware software. I’ll be spending more today than back then on a new computer so want to keep it running as best as possible.

Do you run a maintenance program like Clean my Mac X and an anti-virus/malware/ransomware program?

Which ones do you recommend and any other software recommendations?
 

marcusalwayswins

macrumors 6502
May 23, 2021
399
81
So I used a Windows computer ever since I can remember, maybe the last 25 years or so… using an antivirus on a Windows machine is like something which goes without saying... But now I just migrated to Mac, and before migrating to macOS I heard stories about how macOS does not require antivirus because of the sandbox architecture that it uses. But still, as a new concerned user, I want to know: do you guys use any malware protection or antivirus on your Mac? If yes, which one? And in the first place, should I be using malware protection or antivirus on my Mac? Can you please share some light on this? Thanks
 

Jhonjhon236

macrumors member
Aug 18, 2022
91
432
Never use any antivirus except Malwarebytes if I feel something is suspicious. This goes for macOS and Windows. Both have built in protection that is just as good (and sometimes better) as any third party AV.
 
  • Like
Reactions: southerndoc

bogdanw

macrumors 603
Mar 10, 2009
5,712
2,749
  • Like
Reactions: HDFan

cyb3rdud3

macrumors 68040
Jun 22, 2014
3,322
2,073
UK
Never use any antivirus except Malwarebytes if I feel something is suspicious. This goes for macOS and Windows. Both have built in protection that is just as good (and sometimes better) as any third party AV.
Doesn't prevent you from passing it on to others (huge problem if you use your Mac in any kind of professional capacity), nor storing it with data at rest.

I use BitDefender; it is also great for proactive scanning of email and email attachments, not just on access.
 

marcusalwayswins

macrumors 6502
May 23, 2021
399
81
As proven here https://forums.macrumors.com/threads/how-safe-is-malwarebytes-for-mac.2378702/post-31920399 Malwarebytes does not scan your entire hard drive.
Get from App Store the free apps
Intego VirusBarrier Scanner https://apps.apple.com/app/intego-virusbarrier-scanner/id1200445649
Bitdefender Virus Scanner https://apps.apple.com/app/bitdefender-virus-scanner/id500154009
and you can select what to scan, including external drives.

Is BitDefender for Mac good enough as a virus scanner on the Mac?
 

cyb3rdud3

macrumors 68040
Jun 22, 2014
3,322
2,073
UK
Is BitDefender for Mac good enough as a virus scanner on the Mac?
What do you mean by that? What makes you ask that question?

But yes, my answer is yes. It is not just good enough. It is excellent.

Do you need a paid version (of any of the anti-virus scanners)? I'd suggest yes if you use your Mac in a professional capacity and interact with clients. Nope, if you use it purely for private use, the free versions do a good enough job and you don't need to evidence it to anyone that you have protection in place.
 

bogdanw

macrumors 603
Mar 10, 2009
5,712
2,749
Is BitDefender for Mac good enough as a virus scanner on the Mac?
Sometimes it can be a little too cautious.
“Problems with CrossOver Mac and Anti-Virus Software” https://support.codeweavers.com/en_...re-eg-bitdefender-avast-and-avg-and-crossover
But the Deep System Scan can find even phishing PDFs in Thunderbird’s email messages.
 

marcusalwayswins

macrumors 6502
May 23, 2021
399
81
What do you mean by that? What makes you ask that question?

But yes, my answer is yes. It is not just good enough. It is excellent.

Do you need a paid version (of any of the anti-virus scanners)? I'd suggest yes if you use your Mac in a professional capacity and interact with clients. Nope, if you use it purely for private use, the free versions do a good enough job and you don't need to evidence it to anyone that you have protection in place.

Yes, I mean, what I meant was: since it is free, does it do the job fully and well?
 