A little too cautious as in does it ignore things ? Your Screenshot maybe suggest that ? Correct me if I am wrong ?
Last edited:
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Virus/Malware program recommendations? [MERGED]
- Thread starter vjicecool
- Start date
- Sort by reaction score
A little too cautious as in does it ignore things ? Your Screenshot maybe suggest that ? Correct me if I am wrong ?
No. In the sense that it detects more than it’s actually dangerous for macOS. Like CrossOver files.
I selected in its settings Ignore (Action for infected & suspected items – Take no action) because I want to review before deleting something.
Ok, Bitdefende also do a paid for version.
The free version is the same; virus updates aren't as regular, it also won't scan email traffic unless access on incoming mail, and not on outgoing. There are a few other things. But for non-professional use, any of the free antivirus programs for the mac will be sufficient.
Bitdefender: "New Variant of Atomic Stealer in the Wild" https://www.bitdefender.com/blog/la...ge-new-variant-of-atomic-stealer-in-the-wild/
An interesting article in PC Gamer (Apple News):
A Windows XP machine's life expectancy in 2024 seems to be about 10 minutes before even just an idle net connection renders it a trojan-riddled zombie PC
Now there are a lot of caveats. Windows, XP at that so much better protections in current software. MacOS not as big a target, might be intrinsically more secure. But that means that if you are connected to the internet someone is going to be knocking on your door almost constantly. Relying on just one lock (MacOS built in protections) seems risky. I want a deadbolt in addition to the standard lock, maybe several, along with a reinforced door and other protective measures.
macOS built-in protections comprise more than just "one lock":
https://support.apple.com/guide/security/protecting-against-malware-sec469d47bd8/web
https://support.apple.com/guide/security/gatekeeper-and-runtime-protection-sec5599b66df/1/web/1
That said, no software will ever protect the user from themself.. the user is always the weakest link in the security chain.
Before I answer it..
Are you looking for Windows based viruses (that won't run on MacOS), or MacOS viruses?
Are you looking for Windows based viruses (that won't run on MacOS), or MacOS viruses?
I would look for a lightweight option, I use Malwarebytes, I find it doesn't impact system resources and provides a good level of protection.
I've not heard good things about AVG and Avast (they're owned by the same company). Norton is generally derided and condemned as a horrible product.
Correct me if I'm wrong but surfshark was generally a VPN company, I'd probably not trust them (yet) for malware protection.
I've not heard good things about AVG and Avast (they're owned by the same company). Norton is generally derided and condemned as a horrible product.
Correct me if I'm wrong but surfshark was generally a VPN company, I'd probably not trust them (yet) for malware protection.
There are many vectors bad actors can use now a days and the ideal that MacOS is so good and impenetrable is a myth that needs to die - Complete list of Mac viruses, malware and trojans
None for MacOS.
Antivirus software provides attack vector for bad actors. ( crazy, I know, it is what I do )
While mayflynn is correct that Macs are not immune to malware ( running malwarebytes every month or so should keep you mostly safe, especially if you are an inexperience user, clicks links in emails, installing extensions in browser, etc ) and viruses, they are very resistant to most.
My macs and debian systems ( windows test computers only use defender ) do not have antivirus running on them.
PS. The TI-99/4A is still virus free after 42 years!
Antivirus software provides attack vector for bad actors. ( crazy, I know, it is what I do )
While mayflynn is correct that Macs are not immune to malware ( running malwarebytes every month or so should keep you mostly safe, especially if you are an inexperience user, clicks links in emails, installing extensions in browser, etc ) and viruses, they are very resistant to most.
My macs and debian systems ( windows test computers only use defender ) do not have antivirus running on them.
PS. The TI-99/4A is still virus free after 42 years!
Generally, both Apple's and Microsoft's build in anti-malware (antivirus, system integrity) measures are fine... In both cases, so long as you don't defeat them in fits of frustration when an app you want to try turns out to be poorly designed, can't play by the rules.
Another important aspect is not to have your normal daily user account as admin. Apple has a setting to make you re-authenticate to perform certain admin actions, but the nature of malware is to skirt around those triggers. Better to just run as normal user. Another layer of the security onion.
Ironically, some anti-malware apps/solutions force you to defeat certain build in layers of security, so they can fully run, making those anti-malware apps THEMSELVES attack vectors. As an analogy, consider... hypothetically... a password vault app itself getting hacked. But, seriously, what are the odds that could never really happen? Other than 💯%
All that said, I occasionally run Malwarebytes manually for a quick scans, sanity checks, particularly on removable media that I carry and connect to client systems.
Another important aspect is not to have your normal daily user account as admin. Apple has a setting to make you re-authenticate to perform certain admin actions, but the nature of malware is to skirt around those triggers. Better to just run as normal user. Another layer of the security onion.
Ironically, some anti-malware apps/solutions force you to defeat certain build in layers of security, so they can fully run, making those anti-malware apps THEMSELVES attack vectors. As an analogy, consider... hypothetically... a password vault app itself getting hacked. But, seriously, what are the odds that could never really happen? Other than 💯%
All that said, I occasionally run Malwarebytes manually for a quick scans, sanity checks, particularly on removable media that I carry and connect to client systems.
OP you should add “No AV” as the option, which from my experience is the best one. I & my family use Mac for 15+ years, we don’t use AV at all. All is fine.
I use Malwarebytes as it was recommend by Apple when I was having some anomalies with my computer about 15 years ago. At the time it was more malware and adware centric, but has added antivirus capabilities over the years.
For people that do not use their computer for other than surfing the web reading articles and email I have installed Sophos as it does a good job with email type phishing attacks.
As many people have mentioned the Mac has very good antivirus builtin, though there have been some recent finding of vulnerabilities in their hardware. Antivirus programs available today will not protect against those.
The best defense is to be cautious with what you do on your machine. Do not open links or docs that you do not know and trust the sender. If you are really concerned contact the sender to insure they sent the file.
Lastly most people will not be targeted for an attack as we are not worth the effort, no highly sensitive info, or money to make the effort. The random viruses that try to steal CC or identity info are generally protected against with the built-in protections.
For people that do not use their computer for other than surfing the web reading articles and email I have installed Sophos as it does a good job with email type phishing attacks.
As many people have mentioned the Mac has very good antivirus builtin, though there have been some recent finding of vulnerabilities in their hardware. Antivirus programs available today will not protect against those.
The best defense is to be cautious with what you do on your machine. Do not open links or docs that you do not know and trust the sender. If you are really concerned contact the sender to insure they sent the file.
Lastly most people will not be targeted for an attack as we are not worth the effort, no highly sensitive info, or money to make the effort. The random viruses that try to steal CC or identity info are generally protected against with the built-in protections.
That's the Big Secret Handshake, though. Since 2009, MacOS includes decent anti-malware screening in the OS. Microsoft starting bundling Defender about that same time.
People, however are a persistent weakness, which is why we should all vote for the Skynet Support Act. There are forms of malware that build slowly in user mode, not triggering blocks or warnings from any anti-malware system - because the discreet sub-components might not be malicious until assembled with other subcomponents.
It's good practice to use a script/mobile-code blocker, such as NoScript, in Chrome (incl. Edge) and Firefox. And make sure the other fringe browsers have that feature, or allow code blocking as an extension. Safari has a form of code blocking, albeit not with granular settings.
👆THIS 100%. The exact same condition as certain Intel chipsets.
I would go with none. Just use MacOS built in anti-virus software and use good information security practices. Almost all viruses are acquired by installing cracked software programs, or if you're a high targeted individual.
As @mmkerc pointed out, generally hackers will invest their effort on enterprise where lots of tired, frustrated, anxious people process lots of large transactions, or where the services are critical to society. Like government, hospitals and universities. But a certain style of hacking focuses on low-hanging fruit, easy picking of many small takes. Yet other hacks are simply exploratory or simply for disruption to brag about in seedy netrunner bars.
With respect to TARGETED attacks - e.g., spear-phishing and whaling - certain signals of wealth, or wealthy connections are out there to harvest by exfiltration or personal data sold by aggregators, or sold by businesses we trust. And, as individuals go, Mac users might be considered a viable demographic, because Mac People spend more on gear, and don't believe there is malware for Macs
(present company excepted, I guess).
Signals of "maliciously harvestable wealth" are not necessarily overt, or individually conclusive; however, taken together they could build a certain profile. Such signals might include posting on Apple-oriented forums, being of retirement age, association with securities brokerages, queries about crypto-coin/wallets, dozens of other bad habits such as yammering on about Porsches and horses 😳
In time, probably not much time, AI filtering and targeting will be able to suss out targets among those who keep presence on the internet to a barest minimum... and then target them with custom one-off trojans and worms. It's too late to fuss or resist - eventually the only plan is a recovery plan, because once quantum cutting gets out of the lab, you WILL get popped like a packet of ketchup. Or a grape. Or a watermelon if you remember Gallagher at all... F, I'm old...
With respect to TARGETED attacks - e.g., spear-phishing and whaling - certain signals of wealth, or wealthy connections are out there to harvest by exfiltration or personal data sold by aggregators, or sold by businesses we trust. And, as individuals go, Mac users might be considered a viable demographic, because Mac People spend more on gear, and don't believe there is malware for Macs
(present company excepted, I guess).Signals of "maliciously harvestable wealth" are not necessarily overt, or individually conclusive; however, taken together they could build a certain profile. Such signals might include posting on Apple-oriented forums, being of retirement age, association with securities brokerages, queries about crypto-coin/wallets, dozens of other bad habits such as yammering on about Porsches and horses 😳
In time, probably not much time, AI filtering and targeting will be able to suss out targets among those who keep presence on the internet to a barest minimum... and then target them with custom one-off trojans and worms. It's too late to fuss or resist - eventually the only plan is a recovery plan, because once quantum cutting gets out of the lab, you WILL get popped like a packet of ketchup. Or a grape. Or a watermelon if you remember Gallagher at all... F, I'm old...
None.
Name ONE "Mac virus" that has been found "in the wild" since the introduction of OS X.
(not in test environments, but actually "in the wild")
Name ONE "Mac virus" that has been found "in the wild" since the introduction of OS X.
(not in test environments, but actually "in the wild")
Er Mah Gerd... This sorta makes my case regarding Mac Malware Denial:
- SilverSparrow
- MacStealer and Atomic Variants
- XLoader
- HVNC
- JokerSpy
- RustBucket
FWIW, the really clever, successful ones never get IOCs (Indicators of Compromise) or CVEs (Common Vulnerability Enumeration), because they aren't conventionally visible or discoverable... (Or because state actors save them for special occasions). Enjoy your peace of mind.
To be fair, it exists in Apple Silicon as well. Any predictive processing a chip does can be viewed/hijacked. The setup is pretty complex on Apple Silicon; I only know of a lab case where it was done, it really just matters how determined the attacker is... and how well funded.
I do not believe this is 'wild' yet as it requires actual programmers ( not script kiddies ) to implement.
Unpatchable vulnerability in Apple chip leaks secret encryption keys
Fixing newly discovered side channel will likely take a major toll on performance.
arstechnica.com
Georgia Tech making me proud! Go Team!
PS: M3 has a hardware fix that may may impact performance. No testing as of yet on the performance differences.
I've worked for multiple leading AV companies (+ EDR) - the only reason to run it on a Mac is compliance.
Other than that, don't.
(we currently use Crowdstrike; previously used Cylance)
Other than that, don't.
(we currently use Crowdstrike; previously used Cylance)