Nov 19, 2019 FAQ: Antivirus protection requirements for Mac. We all must have heard most of the Mac users say that 'Mac doesn't need antivirus software' and believe that Mac OS X protects you against all threats already. However, recent findings suggest that Mac is not immune to viruses, trojans, backdoors, adware, spyware, and other nefarious applications. Wondering whether you need antivirus software to protect your Mac? MacOS is more secure than Windows, but you'd be wise to look carefully at your security options because Macs can get viruses.
Your Mac is not immune to threats — yet. Our free Mac antivirus protects on 3 fronts. Malware isn’t the only threat to your Mac. Malicious websites and vulnerable Wi-Fi networks can also jeopardize your safety. Avast Security provides essential free protection against all 3 threats, and our new Premium version goes the extra mile to expose Wi-Fi intruders and stop ransomware.
We all must have heard most of the Mac users say that 'Mac doesn't need antivirus software' and believe that Mac OS X protects you against all threats already. However, recent findings suggest that Mac is not immune to viruses, trojans, backdoors, adware, spyware, and other nefarious applications.
I don't have many applications installed on my Mac. Am I protected from threats?
Is Antivirus Needed For Mac
- The default applications on Mac OS, and other third-party applications have and will continue to have security issues or the vulnerabilities that can allow some form of attack. Most recently, a new vulnerability 'Bash Bug' or 'ShellShock' was discovered that potentially affects most versions of the Linux and UNIX operating systems, in addition to Mac OS X. Learn more about this vulnerability and how Norton for Mac protects from the Bash Bug.
I visit only known websites on Mac. Why should I install an antivirus?
- There is an increasing threat from the software attacks that take advantage of vulnerable web browsers. A trend has been observed whereby new software vulnerabilities are exploited and directed at web browsers through use of compromised or malicious websites. Number of factors makes this problem worse, including the following:
- You may click on links without considering the risks of their actions.
- Website addresses can be disguised or take you to an unexpected site.
- Certain web browsers are configured to provide increased functionality at the cost of decreased security.Remote desktop for mac to mac download. Supplying a user-friendly name isn't required, but it can be useful if users plan to connect to a particular host on a regular basis.
- Many websites require that you enable certain features or install more software, putting the computer at additional risk.
However, there are some cases where Antivirus software may be needed. For example:- If you need to use older software containing known vulnerabilities, such as older versions of Java or Flash.
- If you use a Mac in an environment where antivirus software is required
- If you frequently trade files with Windows users and don't want to be accused of passing on a Windows virus
- If you want the peace of mind and don't mind installing a software that may interfere with the normal operation of your system
- If you can't be bothered to give any thought to what you download, though this is a very dangerous attitude in today's Internet world.
- If you are not at all tech savvy and have trouble accurately determining what is trustworthy and what is not
- If there is a major change in the malware affecting Mac users
I often get asked 'Should I use Antivirus software on my Mac?' The answer is: it depends.
Note: This is a multipart article, Part 1 is available here
The risk of getting infected on macOS is significantly lower than on Windows. But it is not completely zero. It is hard to find any good study on this topic (here is one), but this is a widely accepted fact at the moment. There are many factors which contribute to this lower risk:
- Fewer people use macOS than Windows
- macOS upgrades (major releases) are typically free for a longer time than the Windows, therefore more Mac users update their OS than Windows users. Microsoft started the free upgrade from Windows 7 to Windows 10 some years ago, but previously, an upgrade like this was not free.
- People using macOS tend to pay for their software and are less likely to pirate it from shady sites. Pirated software may contain adware, backdoors and hidden Bitcoin miner software that may harm your computer.
Personally, I am not a fan of macOS Antivirus. macOS Antivirus never was the focus of development at AV companies. It is mostly reactive, and there are a lot less proactive features in it than in the Windows counterpart. For example, on Windows, AV can warn when a program accesses the webcam. On macOS, the AV can turn off the webcam, but it can’t warn when a program accesses the webcam.
When looking at independent tests of macOS Antivirus, you have to know that most labs do not have access to the latest macOS threats, so they tend to test with old and known malware. Which means the gap between synthetic test results (100%) and real life are even wider than in the case of Windows Antivirus tests. In other words, anti-malware tests you may read in magazines can be very misleading, as these tests are far from representing the real-life situation.
Also, macOS includes its own AV called GateKeeper, which does a basic job of preventing the user from running malicious programs. GateKeeper prevents known malware from starting and warns the user if (s)he tries to execute unsigned stuff.
But there are ways around GateKeeper. For example: scripts (e.g. Python). Or Microsoft Office macros. Or in-memory malware. Or probably tens (hundreds?) of other ways. These techniques all can circumvent the built-in protection on Mac, which the more sophisticated malware products frequently do.
So then how do I protect myself?
Best Free Antivirus For Mac
Instead of focusing on Antivirus, I recommend people install software which can restrict unauthorised access to critical parts of the operating system.
Networking
One of the best security tools for macOS is Little Snitch. It is a software firewall which will notify the user every time an unknown application starts to communicate over the Internet. Training it in the first few days can be a bit time consuming, but after this time it performs nicely.
Problems can arise with application updates themselves not causing rules to not work anymore. Online meeting applications (GoToMeeting, Webex) can be particularly troublesome – these are updated frequently, and they may try to communicate with hosts on arbitrary ports.
File Access
Another great macOS tool is F-Secure X-Fence (formerly Little Flocker), which monitors read and write file access. The same training concept applies as with Little Snitch – after the initial training period, it just works.
On the above screenshot, Microsoft Word tried to read/write/execute the
133t_0day.sh
. If the user blocks on Deny, this exploit is blocked.Persistence
BlockBlock is a tool which alerts users when a program is installed that tries to execute itself every time the computer boots. Most malware uses some form of persistence to stay on a host after a restart. Because malware at some point in time has it to register itself with the OS; there are few ways to persist in an OS and most malware uses the same techniques, so this can be detected by AV software.
Note that I have not had first-hand experience with BlockBlock.
On the screenshot, the
osxMalware
application tried to install itself, so it starts with every boot of the system. By clicking on 'Block', the user can block this action.Conclusion
By supervising the network communication, file access and persistence, users can create a safe environment, where totally new and unknown malware can be blocked. But these solutions can be a pain for novice users.
But trusting AV on macOS is not as a good choice as it is on Windows. For example, the following article details a malware campaign targeting macOS users, which went unnoticed by most macOS AV engine.
If you are a novice user, you can try to protect yourself with AV designed for macOS, but don’t expect much.
If you are a security conscious macOS user with some experience in IT, there are steps you can take to sleep better at night without AV (see Little Snitch, X-Fence or BlockBlock). While a determined attacker may find ways around your defences, whitelisting network, file access and OS service persistence is a good start against common threats.
Sabri on Twitter
CIA bypassed Little Snitch by injecting its malware into the browsers. Could have still been spotted with activity monitor
Zoltan (@zh4ck) is a full-time AntiVirus bypasser and public speaker from Hungary. He frequently rants on Twitter about how people should try things harder. He has experience from both blue and red side, and enjoys the cat and mouse game between attackers and defenders.
![No antivirus needed for mac os No antivirus needed for mac os](/uploads/1/3/4/7/134785728/293261090.png)
Peer review: AC
Photo courtesy of Jose