Malware and Your Mac

Yes, your Mac can get malware. Here's why, and what you can do to help defend your Mac against it.

I was recently stricken on the Apple Developer forum for daring to suggest that legitimate antivirus software is useful on a Mac. My comments were hidden in the discussion thread and I was sent a notice from Apple to refrain from suggesting this in the future, lest my posting privileges be removed entirely. For the record, this is how I imagine the builders of the Titanic quashed that “one guy” who tried to point out they still needed lifeboats for the entire passenger capacity just in case.

Apple likes to market their platform as being immune to the malware woes of Windows PCs. It could be hubris, but I tend to think it’s purely marketing strategy. Maintaining that narrative is how Apple gets an edge selling their platform against the competition, so anything that upsets that narrative becomes something to quash. Legitimate anti-malware developers are shut out of crucial elements of MacOS’ blackbox, and the rest of the developer community seems happy enough to compliment Apple’s beautiful clothes when they’re prancing around stark naked. And as I learned, if you’re “that guy,” you get silenced.

Security is a statistical measure

Despite Apple's own official narrative, parroted so loudly by their throng, Macs are susceptible to malware. The claim is partially correct; MacOS and iOS are indeed more watertight than Windows’ underpinnings. The rest of the claim is purely the virtue of statistics — malware developers spend less energy developing single-platform malware for the Mac.

This is rapidly changing, however. According to a security test by Atlas VPN, security researchers found 674,273 new samples of macOS malware in 2020, up from 56,556 samples in 2019. That’s a 1,029% surge in a year of new malware instances for the Mac.

Mind, that’s still far less than the number of new malware instances for Windows — a whopping 91 million in 2020, meaning malware writers developed an average of almost 250k new Windows malware packages per day. So again, a big part of MacOS’ security is purely the numbers game, because the market share of Macs isn’t worth many cybercriminals’ and hackers’ time.

While Apple’s move to their own silicon will further mitigate the malware threat — much as back in the day their Motorola processors helped make it difficult to repurpose code already written for Windows malware — this will also further thwart the intentions of well-meaning anti-malware and cyber security developers whose only goal is end user security, not platform share. For those (most of us) on Intel powered Macs, having both an anti-malware package and plenty of due diligence are a necessity to protect our Macs from assault.

The greatest danger of exposure is yourself

The most common malware attacks on the Mac are browser hacks and adware — those which hijack your browser and display ad banners, counterfeit pages and the like. And they find their way onto your system so easily because, unwittingly or not, you allowed it to install, with the click of some button, somewhere.

Whether you have administration privileges or not, they can still install at the user level, so only one user’s account on a Mac could be infected, while other users notice nothing. If you do have administrator privileges, however, expect the infection to propagate itself to the system level.

There are a few things you can do to protect yourself:

Install a Mac anti-malware utility

You absolutely, positively do need an anti-malware package for your Mac, to protect you from yourself. I highly recommend Sophos for Mac — it’s free for personal use, and causes little to no overhead or performance issues on even an older model Mac. Further, it allows for up to 10 devices (both Windows and MacOS) on your account, that are centrally controlled and managed by an online dashboard. This is business package-level stuff in a home package.

For a more robust, paid solution, I recommend Intego’s Antivirus Security Suite. Intego gets top billing from AV-Test — an independent certification authority for anti-malware products. And it operates with the least overhead and performance hit of the MacOS antivirus packages I’ve observed. You can get the first year subscription for $24.99, and have a VPN add-on for $19.99 per year. If you frequently use WiFi on the go, a VPN is a must-have.

Avoid Norton Antivirus like the plague. This particular solution has been shoddy, bug ridden, and performance choking through too many versions for me to ever recommend it again, and be able to look myself in the face when I shave. Seriously, with what this utility has done to so many Macs under my care over the years, you might as well just have the malware infection.

The MacOS version of MalwareBytes used to be known as AdwareMedic, a free, donation-only removal tool that would remove all known adware infections from your Mac with a simple click. Sadly, after being acquired by MalwareBytes, it became bloated with features that were unnecessary, and became a lingering installation on your computer. It’s too anemic to be a legit security package, but wants to cling to your Mac install like a barnacle in return for being mediocre. Don’t download it. Don’t install it. You might as well turn to one of the recommended security apps noted above.

Also, avoid MacKeeper

This gets its own subhead for a reason! This is a Mac "optimization" utility that spams its pop-ups all over the web, and markets itself as a utility harkening back to the glory days of Norton Utilities that can keep your Mac clean of threats and improve your performance.

It should be enough of a dead giveaway that it assaults you constantly to download it, and sponsors a lot of dodgy websites. But just to put it in writing, MacKeeper is nothing short of ransomware that will eventually cripple your Mac in the hope of you paying for their "premium" level service to fix it for you. Worse, once you realize you've been duped, it's a long arduous process to manually remove all of its bits from your system. See this little guy on a pop-up or a banner ad? Ignore him; make him go away!

Verify your downloads

Here’s where the added security of MacOS doesn’t matter: user allowance. If you okay something to run on your computer, it will run.

You see those Upgrade your Flash Player popups that come up on your browser from time to time? First off, you shouldn’t be using Flash Player anymore anyhow. Adobe even makes it uninstall itself now, given your approval. But second, never pay attention to a browser message that says you need to upgrade anything. It’s not your browser’s job; it’s the application’s job.

What you think is a legit download link can be loaded with malware, and if you are careful and observant, you will notice that malware distributors can even top load your Google and other search engine requests to put their results above the actual developer’s. If you’re searching for an app, and the link you’re getting ready to click doesn’t come from the actual software developer’s site (e.g., Adobe software from, Firefox from, etc), don’t click it!
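The "does this link really come from the developer?" check above, written out as an added example (it is not from the original article). The allow-list domains (`adobe.com`, `mozilla.org`) and the `.example` lookalike URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumed allow-list for illustration: product -> domains the developer owns.
TRUSTED = {
    "adobe": {"adobe.com"},
    "firefox": {"mozilla.org"},
}

def check_download_url(product, url):
    """Return (ok, reason) for a download link before it is clicked."""
    domains = TRUSTED.get(product.lower())
    if not domains:
        return False, "no known developer domain for this product"
    parts = urlsplit(url.strip())
    if parts.scheme != "https":
        return False, "not an https link"
    if parts.username or parts.password:
        # In https://adobe.com@host/ the part before '@' is only a user name.
        return False, "userinfo in URL hides the real host"
    host = (parts.hostname or "").rstrip(".")
    if not host.isascii() or "xn--" in host:
        return False, "non-ASCII or punycode host (possible lookalike)"
    for domain in domains:
        # Exact match or a true subdomain; a bare prefix match is not enough.
        if host == domain or host.endswith("." + domain):
            return True, "host belongs to " + domain
    return False, "host %r is not a developer domain" % host

# Constructed sample links, as they might appear in search results or pop-ups.
SAMPLES = [
    ("firefox", "https://www.mozilla.org/en-US/firefox/new/"),
    ("adobe", "https://get.adobe.com/reader/"),
    ("adobe", "https://adobe.com.downloads.example/flash.dmg"),
    ("adobe", "https://adobe.com@downloads.example/flash.dmg"),
    ("firefox", "http://www.mozilla.org/firefox/"),
    ("firefox", "https://mozilla-org.example/firefox.dmg"),
]

if __name__ == "__main__":
    for product, url in SAMPLES:
        ok, reason = check_download_url(product, url)
        print("OK   " if ok else "BLOCK", url, "-", reason)
```

The first two sample links pass; the other four are rejected because the real host, once the URL is parsed, is not one the developer owns or the link is not HTTPS.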

Browse smartly

When dialogs pop up on your Mac while browsing the internet, particularly on sites that have a less than stellar commercial reputation, you are more than likely about to invite malware to install on your system. Never click buttons that come up in fake “dialogs” or pop-up windows while browsing, even if they say “Cancel” or “Close” or whatever.

The only safe, acceptable way to close these intruders is to use the normal close box at the top of the window. If said pop-up locks you out of being able to close the window — and some do — then force quit your browser by dropping down the Apple menu, holding down the Shift key and selecting the force quit item.

DNS block your network

This is a sledgehammer approach, but if you have a small network of Macs/PCs or even larger, setting up DNS filtering will keep your users from accessing many malware distribution sources. OpenDNS (now a part of Cisco) is the service I utilize for my own network and select clients who opt for such security.

OpenDNS can be used straight out of the can, or you can set up a local server to customize your filtering settings. Setting this up for your network and users is an easy to moderate difficulty task. I am more than happy to perform the setup of this protection as part of my retainer or on-call services.

In conclusion

Malware is a problem that crosses the Mac/PC divide. While the Mac user can still enjoy relative safety from the myriad of possible malware that strikes our Windoze using counterparts, we cannot be careless. Paying simple attention to our browsing habits, and a few simple utilities, can make a world of difference in whether malware becomes a headache for you, or not.

Phone: 850.462.4543