26 November 2019
The issue of how to remove malware from Mac has become a hot topic over the years - and with good reason.
Mac malware is on the rise and shows no sign of stopping.
Here we take a look at some of the most recent malware threats faced by Macs in 2019, symptoms of malware on your Mac, and the best removal tools (as voted by MacUpdate users) to get the job done.
Ready? Let's go!
Here's what you'll learn in this post:
In a word: Yes.
Despite earning a reputation for being almost impervious to viruses, Apple devices are facing a growing threat of malware - one that's been bubbling away for 15 years.
The most obvious answer is the fact that Macs are increasing in popularity. As more consumers purchase these devices, more cybercriminals are opting to target them.
This has also coincided with an increase in more complex attacks, such as:
A well-known name in the world of anti-malware, Malwarebytes is a simple and straightforward solution. It works away in the background largely unprompted, and if you need to run a manual scan, it's only ever a few clicks away.
The free version gets to work cleaning up an already infected Mac, but if you want ongoing protection, you should opt for Malwarebytes Premium. This prevents further malware infections, proactively blocks adware, and runs superfast scans when required.
A solid and reliable antivirus for Mac, VirusBarrier X9 from Intego is slick, quick and focused.
There's no feature bloat here as it gets to work on the task at hand - identifying, removing and blocking malware. Folder scanning is fast, and the full scans are thorough.
You can also schedule scans ahead of time, which is always handy.
The downside is the full scan can be time-consuming, while the free trial only offers very limited functionality.
Little Snitch's primary function is to alert you to outgoing network connections. It essentially stops your private data from being sent out without your knowledge or approval - sort of like a reverse firewall.
It runs quietly in the background and can also detect network-related activity of malware, trojans and viruses.
But (and there's always a but) it only looks at single connections and overlooks patterns of network activity that malware can engage in.
It's good at what it does, however, there are better malware-busting alternatives out there.
An award-winning general-purpose software, Catalina Cache Cleaner (CCC) makes system maintenance a breeze, but we're interested in its capabilities as a malware scanner. We're pleased to report that it shows up well.
CCC helps keep your Mac safe from malware by adding three additional layers of security. It also ships with the open-source, cross-platform ClamAV antivirus built-in. It's always-on, scanning downloads on the fly to ensure you receive the very best malware protection from both Mac and Windows threats.
Designed to scan, identify and delete malware quickly and easily, MacScan is a worthy winner.
Rewritten from the ground up for OS X 10.8 Mountain Lion (and later), it takes a no-nonsense approach to dealing with malware, spyware, Trojans, and more.
Simple and easy-to-use, its comprehensive and consistently up-to-date library of known threats keeps your Mac ticking along nicely. With its new Smart Scan engine, it gets to work in the very areas of your device where security and privacy threats like to hide.
The only real cons are the annual license, and the high CPU usage while scanning. If the latter seems like a fair trade when you get such a complete security solution in exchange.
Download: Available here.
A software befitting of its name, SuperDuper is a powerful and popular app for creating a fully bootable backup of your hard drive. It's particularly useful when recovering from a malware attack.
SuperDuper is easy to use and geared towards less technical users, but it also caters to more experienced users with a slew of sophisticated features such as customizable scripts and version control.
For the sake of brevity, here are five of the most recent, significant and scary:
Looking for a full list of recent Mac malware threats? Check out this article from Macworld.
First reported back in January 2018, the OSX/MaMi malware is a nasty piece of work. It exists to route all traffic through dodgy servers in order to steal sensitive info.
The program installs a new root certificate to intercept encrypted communications (eek!), and it can also take screenshots, execute commands, and upload and download files.
CrescentCore was found on a number of websites and even showed up in Google search results. It was cleverly disguised and very sneaky.
Before running, it would check to see if it was inside a virtual machine. It would also search for antivirus tools. If the machine was unprotected, it would go ahead and install malicious files.
The alarming part? It had a signed developer certificate, issued by Apple. This meant it could bypass Apple's Gatekeeper.
Although later revoked, the fact it had a signed developer certificate in the first place proves that malware can get through the in-built protection.
LoudMiner found its way onto Apple devices via a cracked installer for music production software Ableton Live. It was a cryptocurrency miner designed to use Mac's processing power to make money. Not cool.
First spotted in May 2018, another cryptojacker called Mshelper was causing all sorts of issues.
Those infected noticed hardware problems right away - namely their fans spinning much faster than normal, and devices running hotter than usual. This typically indicates that an often malicious background process is using up processing resources.
Discovered at the end of January 2019, CookieMiner was able to steal user passwords and login information for cyberwallets from Chrome.
It could also grab browser authentication cookies associated with crypto exchanges, and access iTunes backups to build up a user profile with enough personal information to bypass two-factor authentication.
All of this meant easy access to the victims' cyber currency.
Shout out: Listen to the brilliant Intego Mac Podcast to learn more about the most recent Mac malware threats.
Okay, that list above makes for some scary reading, right?
That's why it's a good idea to familiarize yourself with the common symptoms associated with malware. If you ever notice any of the following, you can quickly take action and avoid potentially catastrophic consequences.
If you notice any of those signs, don't panic. It doesn't always mean your Mac is infected with malware. There are other reasons why a Mac runs slowly.
The one thing you definitely want to avoid doing is Googling the problem and installing the first thing you find in an attempt to remove the problem.
This could result in you downloading more malicious software and making the entire situation much worse.
Instead, you need to turn to a reliable software solution (like those listed above) to run a check and - if you do have malware - safely remove the offending files.
If you think your Mac is infected with malware or a virus, take these steps to keep the situation under control:
When recovering from a malware attack on your Mac, there are a few things you need to do:
If you've missed a recent update, you could leave your device vulnerable to further attacks. It might even be the reason why you suffered the attack in the first place!
Click on the Apple menu icon > Select App Store > Click on the Updates tab > Install all available updates.
Apple's Internet Recovery Partition allows you to safely check the hard drive for anything out of the ordinary.
Restart your device > As it reboots, hold down Command + R > Once rebooted, you should see the Internet Recovery Partition > Select Disk Utility and click Continue > Click on First Aid > Click Run.
Your Mac will now run a scan on the hard drive to look for errors and - if possible - fix them.
If you have SuperDuper installed, you should reboot from the previous day's backup, reformat your drive and move forward malware-free.
Malware can cause mayhem on a Mac - and fast.
These days, it's often not enough to just be careful when you're browsing and vigilant about what you open or download. You have to be proactive and take steps to protect your device and the data it holds.
Download a malware removal tool today, and have a recovery plan up your sleeve should you need one. If you ever cross paths with Mac malware, you'll be glad you did.
Head of Community at MacUpdate
Marta Turnbull is a MacUpdate OG and has written about technology, marketing and brand creativity for over 10 years. She splits her time between Michigan and Ukraine.
Subscribe for our newsletter with best Mac apps offers from MacUpdate.