Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Malwarebytes

C

chefwong

macrumors 6502
Original poster
Jan 17, 2008
466
30
Just installed Malwarebytes with all this stuff in the news...

Just thinking outloud. For real time background scanning, full disk access is required to be enabled.
Geez, I recall reading how software packages on Github, etc have been breached and loaded with stuff. What is MB got breached and I got it on their next package update.

Overthinking this right now....
But curious for those that run MB on your Mac. Thoughts on enabling FD Access in order for -real time- scanning to work
 
Any software can get breached. For that matter Apples update system could be breached. You just hope their security experts are better than the bad guys.

There's only one way to protect your data. You need an air gapped backup. Have at least two backup drives. Rotate them with one always disconnected while the other is connected.

That way the most you can ever lose in a ransomware hack. Is anything not backed up between rotations.

An off site backup is also good. Something like Backblaze. So if your house is robbed or burns down. Your data is out there. If you're worried about them being hacked. Many offer private encryption keys you generate. This option offers you better protection as they can't access it ever. The downside being if you lose your password and key. They can't recover your backup.
 
  • Like
Reactions: 0128672, KaliYoni and chefwong
chefwong said:
For real time background scanning, full disk access is required to be enabled.
Click to expand...
One way to approach this choice is to think about which carries a higher risk for you, given the data on your computer and what you use your computer for: not having real time scanning or the possibility of a successful attack on Malwarebytes.

For example, if you only use your computer to watch videos and listen to music, real time scanning might not be necessary. In contrast, if you own a business and keep client billing and payment information on your computer, you probably want the security levels real time scanning offers even though you have to grant MWB full disk access.

You also could hold off on granting full disk access until you do enough research to feel MWB and its developer are trustworthy. If you never reach a comfort level, which is OK of course, simply do manual scans.
 
i have a question regarding MWB:

i only want to do on-demand offline scans without having it running all the time as a background process.
is this possible, or will some parts of it always be running in the background?
 
"i have a question regarding MWB:
i only want to do on-demand offline scans without having it running all the time as a background process.
is this possible"

Yes.
I've always used MB in this manner.

Download the "home" trial version.
It -may- run "in the background" (as well as "on-demand") during the trial process (it's been a while and they may have changed the routine).

BUT... at the end of the trial period I believe you get a dialog that offers you the options of
a. upgrading to the "paid" version (with in-the-background scanning)
or
b. convert to the "free" version (which is "on-demand" only, NO background scanning).

This is what works for me.
 
  • Like
Reactions: Tagbert and icanhazmac
thanks,

to clarify:
i'm curious if some parts are still running (as could be seen in the Activity Monitor), as you could disable let's say Apple's Universal Control that was recently introduced in macOS 12, which then won't do anything at all anymore, but it is actually still running in the background, occupying system resources. Granted, not much, but still.
 
I've not taken any special steps to disable anything. "Malwarebytes Agent" is still running in the background, even though I've long since been converted to the free version.

I'm not sure if disabling it would impact the startup of the on-demand application.
 
the need depends on your use case, as macOS already has anti malware measures built in. They just work a bit too much in secrecy for my liking and you also can not scan some USB stick you get given by other people in advance before actually opening/installing/starting files of unknown origin.

so you might not actually need it, especially if you are careful and don't blindly click any suspicious link or visit illegal, or just filthy websites, but dedicated scanners with manual control actually give you some transparency when/if they actually do something and also some more security on top, as you can scan stuff before actually opening it, if not simply for the peace of mind
 
If you download the FREE version of MalwareBytes (which runs only "on demand"), there is nothing that will be "running in the background" -- no "performance hit".

Only the "pay for" version does constant "scanning". Unnecessary, in my opinion.
 
i've read conflicting opinions on this subject. some say that there doesn't seem to be a dedicated "free version", only one that can either be trialed for 30 days or so and then either be paid for, or converted to a free version which will then only do on-demand scans from that point

just tried to download and i too only found one version which thanked me for downloading the trial version (even though i didn't accept the download, thus having not actually downloaded it)
maybe there is a truly "free / on-demand only" version hidden somewhere?
 
unregistered:
"i've read conflicting opinions on this subject. some say that there doesn't seem to be a dedicated "free version", only one that can either be trialed for 30 days or so and then either be paid for, or converted to a free version which will then only do on-demand scans from that point"

You've read wrong.
I've always used the free version.
Just ran it ten seconds ago.
Took 21 seconds to scan my internal drive (2018 Mini).

You download "the trial version".
AT THE END OF THE TRIAL PERIOD, it will offer you the option of paying for it, or "converting" to the free version.
At least that's how it seemed to go last time I tried a download.
 
  • Like
Reactions: gilby101
unrigestered said:
i've read conflicting opinions on this subject. some say that there doesn't seem to be a dedicated "free version", only one that can either be trialed for 30 days or so and then either be paid for, or converted to a free version which will then only do on-demand scans from that point

just tried to download and i too only found one version which thanked me for downloading the trial version (even though i didn't accept the download, thus having not actually downloaded it)
maybe there is a truly "free / on-demand only" version hidden somewhere?
Click to expand...
There is only one version. At end of live trial you either pay for live, otherwise app reverts to free on-demand only. Agreed with previous posts, the free version is fully adequate for most situations. The paid version of course supports development… The live scan version has no noticeable impact on performance.
 
  • Like
Reactions: gilby101
yes, but svenmany mentioned in post #7 that it is running in the background for him, despite using the "free version" (which according to Fishrrman's post (#11) is a separately downloadable free version? then next time it is not anymore?)

i'm sure it won't affect performance much, even if it happens to still run in the background, but my OCD prefers a scanner that does just this: scan on demand... and literally is non-existent otherwise (other than staying on my hard drive of course), meaning 0.000000000000000000% CPU usage, and 0 bit of RAM usage unless i launch it manually and only stays active until i close, or CMD+Q it.

i'm also not desperately looking for a scanner, as i am pretty careful anyway and i didn't have any findings even on Windows since i moved to Win 7 in 2010 (had a few minor "false alarms" before that (at least according to google) on XP though) and also never noticed any misbehaviors on my iPads too, which i'm using since 2012 w/o any additional scanners.
during my time on Windows i had been using Norton Defender, which came pre-installed, until the one year free license (i think) expired, then Avira free, later on switched to Windows Defender, which i'm still using (when i happen to still fire up my trusty old duo core laptop from 2010)

it would mainly just be for my peace of mind sometimes.
so if it is indeed only running while launched manually, i would be interested at one point.
If not, also fine, as the chances seem to still be quite good that i quite likely still won't run into all that much trouble in the near future too.
 
bogdanw said:
One can only wonder why Malwarebytes does not submit Malwarebytes for Mac for testing to AV-Comparatives and AV-TEST.
Click to expand...
That's easy. Malwarebytes for Mac is targeted at Mac malware. The AV test sites are targeted at Windows malware, so are irrelevant to the purpose of Malwarebytes for Mac.
 
"yes, but svenmany mentioned in post #7 that it is running in the background for him, despite using the "free version" (which according to Fishrrman's post (#11) is a separately downloadable free version?"

It looks like they've made changes in how one OBTAINS "the free version".

You used to be able to just download AS "the free version", and it would not run in the background.

I believe they may have changed that, so that now one downloads the "trial" version which (as big bad d explains above) runs "in the background" during the trial period (which is free).

When the trial period ENDS, it gives you the choice of either paying to keep the "in the background" [full] version, OR, you can opt out and it converts itself into the free version which runs only "on demand".

Confusing, but one can still "use it for free" if one wishes...
 
gilby101 said:
That's easy. Malwarebytes for Mac is targeted at Mac malware. The AV test sites are targeted at Windows malware, so are irrelevant to the purpose of Malwarebytes for Mac.
Click to expand...
You ignored the links for Mac tests, so here they are again
https://www.av-comparatives.org/list-of-av-vendors-mac/
https://www.av-test.org/en/antivirus/home-macos/

unrigestered said:
my OCD prefers a scanner that does just this: scan on demand... and literally is non-existent otherwise
Click to expand...

If you want to scan downloaded files before opening them, use https://www.virustotal.com/
Free, real time protection from malware - BlockBlock https://objective-see.org/products/blockblock.html
Free malware scan - KnockKnock https://objective-see.org/products/knockknock.html

Malwarebytes can’t even protect themselves, they found out they were hacked from others https://www.zdnet.com/article/malwa...ed-by-the-same-group-who-breached-solarwinds/

And they might be stealing code https://www.theverge.com/2022/8/11/23301130/patrick-wardle-mac-code-corporations-stealing-black-hat
 
  • Like
Reactions: Queen6, weird_method and unrigestered
thanks for the links!

btw: what's your take on this?
how "secure" do you think you are if you just relied on macOS malware detection/prevention measures vs additional scanning services that can also scan in advance, before actually opening/installing files?
i know that the most important factor for security is sitting in front of the screen, but you can never be sure if your system hasn't already been compromised.
i can only say that i never had any problems before, even on that allegedly "security mess" called Windows (nor on iOS/ipadOS, but i never used dedicated scanning software on these)
 
unrigestered said:
how "secure" do you think you are if you just relied on macOS malware detection/prevention measures
Click to expand...
Apple’s measures are very easily bypassed by asking users politely to right-click to open malware.
https://securelist.com/shlayer-for-macos/95724/
A longer post here https://forums.macrumors.com/threads/security-updates.2352472/post-31285300
and The Mac Malware of 2021 https://objective-see.org/blog/blog_0x6B.html

unrigestered said:
i can only say that i never had any problems before, even on that allegedly "security mess" called Windows
Click to expand...
If you did’t get infected on Windows, I would say it’s highly unlikely you will catch some macOS malware :)
 
svenmany said:
The article at your link says the developer didn't reveal the names of the three companies whose developers stole the code. Do you have a reference that indicates one was Malwarebytes?
Click to expand...
No, I don’t. Just conjecture at the moment.
gilby101 said:
No, I didn't ignore. Those vendors run on macOS, but success in the tests is mostly about detecting Windows malware. That can be important for Macs in a Windows based enterprise environment, much less so for the average Mac home user.
Click to expand...
AV-Comparatives https://www.av-comparatives.org/tests/mac-security-test-review-2022/
“Test Procedure
The Malware Protection Test checks how effectively the security products protect a macOS Monterey system against malicious apps. The test took place in May 2022, and used macOS malware that had appeared in the preceding few months. We used a total of 471 recent and representative malicious Mac samples.”
AV-Comparatives’ Mac Certification requirements
Please note that detection of Windows malware is not a certification requirement.

AV-Test
Test of security products for MacOS
“In comprehensive tests involving protection, products are required to provide the best possible detection against different types of attacks especially aimed at MacOS.”
https://www.av-test.org/en/about-the-institute/test-procedures/
 
  • Like
Reactions: gilby101
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back