Threats to macOS
macOS users are confident that no malicious programs exist for this operating system. But they are wrong.
The first ones
- 1982 – the first Trojan for Mac appeared
- 2006 – the first Trojan for macOS (Mac.Leap) was discovered
- 2009 – the first Mac botnet (the Trojan Mac.Iservice) was exposed
- June 2009 – Doctor Web released its anti-virus for macOS
Malware programs for Macs do exist, but compared with Windows, their number is relatively small.
[Chart: The number of malware samples for macOS acquired by Doctor Web's virus laboratory in 2014]
[Chart: The growing number of malware samples received by the Doctor Web anti-virus laboratory in 2014]
So malware for Macs does exist. But how does it sneak onto computers?
Means of transport #1: Applications incorporating malicious code
The Apple Corporation claims that macOS is the operating system most resistant to malware infections.
Since—as Apple claims—no code can be executed on a Mac without the user's knowledge, the risk of infection should be rather low. Alas, this is not true.
Unfortunately, the App Store is not the only source from which Mac users download applications. Dubious download portals, on which no one checks whether an application is malicious, often offer video and software for macOS. And virus makers use this to their advantage.
Users can download malicious content themselves. As a rule, the malware accompanies a movie in the guise of a Flash Player update, or it is incorporated in a compromised copy of expensive software for which the user doesn’t want to pay the developer.
So it turns out that no security measure can protect a Mac from user carelessness. No matter how hard a manufacturer tries to make an operating system secure, users download programs containing malicious code and use administrator permissions to install them!
If a Mac is operated by an inexperienced user, the risk of infection increases dramatically.
Means of transport #2: Vulnerabilities
To spread malware for macOS, intruders also exploit vulnerabilities. Vulnerabilities are flaws in program code that enable malware to infiltrate a Mac without the user's knowledge or consent.
Just like any other piece of software, macOS also has vulnerabilities.
It was precisely vulnerabilities that played a major role in the first-ever outbreak of the malicious program BackDoor.Flashback.39 for macOS.
- In February 2012 criminals started using Java vulnerabilities to spread BackDoor.Flashback.39, and after March 16 they began using yet another exploit.
- March 2012 – Oracle released an update for the Java Virtual Machine, closing the vulnerabilities exploited by BackDoor.Flashback.39.
- As late as April 2012, Apple released an update for its own Java implementation to close the vulnerabilities exploited by BackDoor.Flashback.39.
Outbreak!
- 650,000 Macs were infected with BackDoor.Flashback worldwide
- More than 4 million websites involved in spreading BackDoor.Flashback
Malicious websites were used to spread BackDoor.Flashback.39. At the end of March, Google search results contained links to over four million infected web pages distributing the backdoor.
How can macOS users protect their machines from infection?
Security tips from Doctor Web:
- Only download software from the developer’s site or from the App Store.
- To maintain real-time security, use an anti-virus that incorporates a resident monitor (e.g., in Dr.Web Anti-virus for macOS, this component is called SpIDer Guard).
- Use the HTTP monitor Dr.Web SpIDer Gate to protect your Mac from malware on websites. It will scan all the HTTP traffic and control access to Internet sites according to various thematic categories such as drugs, terrorism, violence, etc.
All the licenses include the right to use Dr.Web Mobile Security to protect handhelds running Android free of charge.