19 January 2023
There's no doubt that for a long time, Mac users didn't have to worry about viruses and malware. One of the biggest reasons for this is that Apple has written software specifically to control which programs can be run on their devices, named Gatekeeper.
There is also another piece of software called XProtect, which runs in the background on Macs and constantly scans for malware. This is highly effective, as Apple does a good job of keeping its list of malware and other malicious programs up to date.
The previous lack of viruses and malware is part of the reason Macs have become so popular and a status symbol. But now the popularity of Macs is part of the reason that new types of malware are developed every day. According to independent security institute AVTest, there were 670,000 pieces of malware targeting macOS in 2020. This is more than 56,000 pieces of malware per month. In addition, there were 48,000 pop-up ads identified.
Thankfully, this figure doesn’t seem quite as high in 2021. In the year up to November, only 17,210 pieces of malware have been found, or 1,434 per month. This may be due to security patches, cleaner software, or increased user awareness of the threat of malware.
Unfortunately, things can slip through the net, and you can still end up with malware on your Mac. If this has happened to you, read on for advice about how to remove it.
Malware is not always immediately obvious, but there are red flags to look out for. Be wary if your Mac displays any of the following behaviors:
If you’re concerned, you can do a bit of investigative work using your Mac's built-in Activity Monitor tool. Click on Spotlight to search for it. Once it's open, you can see a list of all the programs and processes using processing power on your Mac. If there are processes that you don't recognize using lots of resources, that's a sign that malware may be present.
Top tip. Even if you suspect malware, it's unwise to delete any processes until you're sure what they are. Developers of legitimate programs don't always name processes in a way that makes it clear what they are. Try searching on the internet for more information first.
Before beginning the malware removal process, you should follow these steps:
If your Mac has been behaving strangely then appears to return to normal running once you boot it in safe mode, that suggests either it’s been infected with malware, or you have another software problem.
The easiest way to find out is to run one of the many programs available that scans for malware. Some of the veterans of the protection software market have malware features, including BitDefender, MacKeeper, Sophos and Malwarebytes.
If these steps don't work, it's best to run malware removal software to completely clean your Mac. The example used here is Malwarebytes for Mac.
In the past, only network administrators used profiles in a business setting to control what could and couldn’t be installed on your Mac. Now, malware corrupts profiles to prevent you from deleting it. To check your profiles, follow these steps.
It's a good idea to check a list of programs identified as malware for Apple devices. A simple Google search should find this for you.
This will remove the basic files, but fragments may be left behind. If you remove apps this way, it's worth downloading a cleaner program to remove the rest of the files afterward.
Unfortunately, malware can also hijack your browser and force it to display ads, change your homepage, and, most worryingly, log your activities online to steal personal data. If you suspect your browser has been hijacked, follow these steps:
It's possible to delete extensions and reset your homepage on Chrome manually, but it's easier to use its Restore To Defaults option
If you can’t get rid of malware, your only option may be to restore your Mac back to its factory settings. This will delete all the malware, as it only installs the files your Mac came preloaded with.
Normally, if you have an issue with software running on your Mac, you can restore a Time Machine backup. However, you may not know exactly when your Mac was infected with malware. If you restore a Time Machine backup, you risk restoring the malware too. That's why you should make sure your important files are backed up to iCloud as well.