You could be forgiven for thinking that you don’t need antivirus software for your Mac computer. Up until a few years ago, conventional wisdom held that Macs were immune to viruses, simply because hackers didn’t bother to write much malware for these less common systems. But, as Macs have grown in popularity, and Windows users have grown wiser to the risks posed by cyber threats, more and more hackers have started writing malware to exploit inherent vulnerabilities in the Mac OS. Because Mac owners tend to have more money than PC owners (hey, Macs aren’t cheap) and because they also tend to cling to the now-outdated belief that they don’t need antivirus software, Mac users are a tempting target for cash-hungry cyber criminals.
According to a recent report released by Malwarebytes, Mac threats in 2019 increased by 400 percent compared to just a year before. A couple of years ago, in 2018, Apple identified two massive security flaws that likely affected nearly every Mac sold for over 20 years. Apps in the Apple App Store are supposed to be safe, but malicious apps have been known to slip past the gatekeepers. Many hackers are using apparently genuine developer certificates to allow malicious apps to slip past the Mac OS’s security features. And, of course, there’s no telling what zero day exploits are lurking on your system even now, just waiting for an unscrupulous but enterprising hacker to take advantage of them.
Hackers Are Getting Smarter about Targeting Macs
Macs are known for their robust security features. The Unix-based OS should, theoretically, at least, keep the system secure with sandboxing, which limits what apps can do to protect data and files on the system, and a series of proprietary features like Xprotect, which runs malware in the background, and Gatekeeper, which checks for approved Apple developer certificates before running apps on the system.
But hackers are getting wise to Macs’ security features, and they’re coming up with ways to get around them. Recent malware like OSX/CrescentCore uses apparently genuine developer certificates to get around Gateway’s checks. Malware apps like these can run for days, or longer, before being caught, and if you think you’re safe downloading apps from the App Store, think again. These apps are supposed to be vetted for legitimacy and security, but sometimes, malicious apps do slip through the App Store’s gatekeepers. But security firm Wandera found 17 malicious apps in the App Store last year, and Apple’s built-in security features aren’t so useful against adware or the potentially unwanted programs (PUPs) hackers often use to mine cyber currency.
And many apps exploit zero-day flaws that users, and even Apple itself, don’t yet know about. Developers hope to find and patch zero-day exploits before hackers discover them and start using them, but hackers live to discover previously unknown security flaws in systems. Your Mac could have flaws you don’t even know about, which makes running a comprehensive, third-party antivirus for your Mac essential.
Even Macs Have Security Flaws
While Apple products do have significantly more robust built-in security features than their Windows counterparts, even Mac computers can have security flaws that, in some cases, can go undetected for years. The Meltdown and Spectre flaws, discovered in 2018, affected nearly every Mac CPU built for 20 years, and no one knew about it. If you owned a Mac in the two decades prior to 2018, it was most likely affected by these vulnerabilities, which could have allowed malicious apps to access your machine’s privileged memory.
Fortunately, no Macs seem to have suffered from apps taking advantage of the Meltdown and Spectre flaws, but that doesn’t mean your Mac doesn’t have an undetected flaw that could make it vulnerable. And hackers are casting increasingly wide nets in their efforts to make a quick buck from ransomware, malware, and other cyber scams. The more machines a hacker can infect with his or her malware, the more money he or she will make, so thinking that you’re not vulnerable because no one would want to scam you is foolhardy. Targeted attacks, while real, are rare.
The days when Mac users could smugly gloat about their machines’ superior security and lack of need for antivirus protection are over. Today’s Macs may as well have huge, glowing targets painted on them, as far as hackers are concerned — and that’s why you need to protect your Mac with a comprehensive anti-malware solution.