
AlphanumericOne

macrumors newbie
Original poster
Sep 21, 2023
9
0
Hello everyone,
A week ago, I downloaded an image file (JPEG) via the Chrome browser to make it the wallpaper on my MacBook Air M1 running Ventura 13.5.1. When I tried to open it, it didn't open in the Preview app (the default one) and popped up something like invalid file format or something (I don't clearly remember).

I got a little paranoid and ran multiple antivirus tests (Malwarebytes, Avast, AVG, Kaspersky) and they all found no threats.

So my question is, am I safe? Or how safe is my Mac from these kinds of things? How are the protection services running on Mac? Should I be worried that there can be malware hidden in the deep which my antivirus isn't detecting and which can launch itself in the future?

Please help me if you can.

Thank You
 

Fishrrman

macrumors Penryn
Feb 20, 2009
29,239
13,312
Have you tried MalwareBytes?

It's a free download.
It offers a 30 day trial (or something like that).
At the end of the "trial", it asks you to subscribe.
BUT... you can also decline to subscribe and just continue to use it as its "free version".
That works fine for me.
 

AlphanumericOne

macrumors newbie
Original poster
Sep 21, 2023
9
0
Yup, tried that one too. It didn't find any threats.
 

Spaceboi Scaphandre

macrumors 68040
Jun 8, 2022
3,414
8,106
So like can there be a malware hidden in the OS which could spy on me?

You already did multiple scans that came back negative. You're good. These things happen. I've had music files that were corrupted that wouldn't open in the past. After redownloading said files it fixed it.

And even if there was a real threat the solution to remediate is simple: Just reinstall macOS. Easy.
 

AlphanumericOne

macrumors newbie
Original poster
Sep 21, 2023
9
0
Moderator note: This post was merged from a duplicate thread

Hello everyone, I have a MacBook Air M1 (2020) running macOS Sonoma 14.0. About 3 weeks ago I was searching online for some wallpapers to use on my Mac and found an interesting one. When I downloaded it using the Chrome browser and tried to view it (pressing spacebar) and also tried to open it (in Preview), it didn't go as expected and showed some kind of error message which I haven't seen before (new in macOS). I got scared that maybe I had got malware by mistake and ran every antivirus scan possible (after downloading and installing them), but none of them found any threats and my device is running as normal as ever.

Now I have some questions about the whole situation, please if someone here has some knowledge about it, help me :-

1. Can my Mac get malware from that image file?
2. Can that image file install some malicious application in the background without me knowing it?
3. If my Mac is infected (by any chance), can the malware spread to my wifi router and infect other devices (Windows, Android etc.)?
4. I didn't have an antivirus installed on my Mac previously. I downloaded and installed them after all of this mess, so can something happen like the malware made some changes in the antivirus installation or in its files so that it can go undetected by it and somehow escape the scan?
5. Can there be any sort of spyware that got in the system and isn't working now but will activate in the future?
6. What should I do now besides formatting the whole OS and reinstalling it? Can the malware go deep in it and return even after a fresh install?

Please help me, I am too scared.
 

unrigestered

Suspended
Jun 17, 2022
879
840
in theory, it is possible to get infected this way, but i would say pretty unlikely that it happened

but don't use malware detection on Mac, especially not multitudes of those. it already has built in detection and remediation.
not saying that it is perfect, but personally i would just upload new / unknown files to virustotal.com, which will do the scanning for you with 60+ scanners (including Kaspersky, Microsoft and other big names) and will also analyze its behavior on a couple of virtual machines.
keep in mind though that this is not private, so don't use this with personal, or otherwise confidential material

if you really want to make sure that your system is clean, there are only a handful of locations where persistence can be established on a Mac, mainly
1. /Library/LaunchAgents
2. /Library/LaunchDaemons
3. ~/Library/LaunchAgents

depending on what you've already installed, these directories can be completely empty (don't forget to toggle Finder to view hidden files via SHIFT + CMD + . , just in case someone wanted them to be hidden)
the third directory might not even exist.
if there is anything inside them that you're not aware of that you have installed yourself, like some plist about Microsoft, but you've never installed something from MS, this might be suspicious.

you could also open the Terminal and enter
crontab -l
to see if something fishy is set to load periodically

but you could also check if there are now multiple users that you have not set up, or if there are unfamiliar Login Items in the system settings


TL;DR version:
easiest way to check all that, if you are not that familiar with macOS yet, is simply install KnockKnock from https://objective-see.org which will look for malicious traces in all those (and more) locations and don't forget to get rid of most (if not all) malware tools you might have installed, or at least just limit it to just one.

and of course use virustotal.com on unknown files if it's not personal information
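
The manual check described in the post above, as an added example that is not part of the original thread: a read-only shell function that lists every launchd plist (hidden ones included) in those three directories with its Label and the program it starts, then prints the user crontab. The function names `plist_value` and `list_launch_items` are assumptions of this example, and the fallback parser only understands XML plists.

```shell
#!/bin/sh
# Added example (not from the thread): read-only inventory of the launchd
# directories and the user crontab mentioned in the post above.

# plist_value FILE KEY -> prints the first string value stored under KEY.
# Uses plutil's "raw" output (macOS 12+) when available; otherwise falls
# back to sed, which only works on XML (not binary) plists.
plist_value() {
    if command -v plutil >/dev/null 2>&1 &&
       v=$(plutil -extract "$2" raw -o - "$1" 2>/dev/null); then
        printf '%s\n' "$v"
        return 0
    fi
    k=${2%%.*}    # "ProgramArguments.0" -> "ProgramArguments"
    sed -n "/<key>$k<\/key>/,/<\/string>/s/.*<string>\(.*\)<\/string>.*/\1/p" "$1" |
        head -n 1
}

# list_launch_items DIR... -> one line per plist: path<TAB>label<TAB>program
list_launch_items() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue      # a directory may simply not exist
        # Second glob picks up dot-files that Finder hides by default.
        for f in "$dir"/*.plist "$dir"/.*.plist; do
            [ -f "$f" ] || continue
            label=$(plist_value "$f" Label)
            prog=$(plist_value "$f" Program)
            [ -n "$prog" ] || prog=$(plist_value "$f" ProgramArguments.0)
            printf '%s\t%s\t%s\n' "$f" "${label:-?}" "${prog:-?}"
        done
    done
}

# The three locations listed in the post, then the periodic jobs.
list_launch_items /Library/LaunchAgents /Library/LaunchDaemons \
    "$HOME/Library/LaunchAgents"
crontab -l 2>/dev/null || echo "(no user crontab)"
```

Each output line names a plist, its label, and the executable it launches; an entry whose program path belongs to software you never installed is the thing to look into.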
 

AlphanumericOne

macrumors newbie
Original poster
Sep 21, 2023
9
0
Sure, I will do that immediately
 

unrigestered

Suspended
Jun 17, 2022
879
840
it means that the file is just incompatible with the viewer you've used

as you've said, you have scanned your system multiple times with no findings

unless you are a high level target, you can stop worrying
but as you've said that you've downloaded the image yourself and it wasn't sent to you, it doesn't really look like a targeted attack and malicious images out in the wild don't really seem to be a thing... at least i don't think that i've ever stumbled upon one.

if you are, use something like KnockKnock to check your system (or manually check those most common locations i've listed before) and upload the suspicious wallpaper to virustotal.com for the peace of mind

if that is not enough, you will have to dig in deep into monitoring your network traffic, or use some outgoing firewall like Lulu to stop unwanted outgoing traffic from your computer into the net, which again can be obtained from https://objective-see.org and is free, same as the aforementioned KnockKnock

but the monitoring, firewalling, and wading through system logs, depending on your experience, may not exactly be self explanatory and convenient to handle
 