The State Of Mac Malware

Most people believe that Mac computers don’t get viruses or any form of malware but the truth is they do. Mac computers are also vulnerable to malware attacks and have been that way ever since. In fact, the very first known microcomputer virus, Elk Cloner, was designed for Mac. The virus was written in 1982 by a 15-year old Richard Skrenta, and stored on floppy disks. Elk Cloner was designed to target Apple II computer systems. Although it was totally harmless, the virus caused a lot of annoyance as infected computers would display a poem on every 50th boot.

Different Mac Malware

Thirty-six years later, the state of Mac malware changed so much. Viruses and attacks are more aggressive, destructive, and harder to detect. One of the new threats, OSX.MaMi, was originally documented in a forum where someone posted that his DNS settings were changed and can no longer be changed back. The malware alters the DNS settings and makes sure that the user will not be able to reverse it back. The malware also installs a new trusted root certificate in the keychain. The actions of this malware are dangerous because they are intended to direct the user to phishing sites, stealing the user’s credentials in the process.

Another Mac malware called Dark Caracal is a CrossRAT written in Java and designed to provide basic remote backdoor access to infected Mac computers. It is fortunate that the malware was detected early in its development.

OSX.CreativeUpdate is another Mac malware that has been discovered recently. When the MacUpdate website was hacked malicious links were hidden in the download links of some apps. The malware-ridden app once installed mines a cryptocurrency called Monero.

How to Know if You Have Malware

Every malware has a different effect. However, there are symptoms that you need to watch out for. These are the symptoms that indicate your computer might be infected:

  • Your device becomes sluggish all of a sudden.
  • You have an installed toolbar in your browser that you don’t remember installing.
  • Your default search engine changed.
  • All web pages are filled with ads.
  • Ads are popping up.

If you notice any of these symptoms, don’t panic because there are many ways on how to get rid of malware.

How to Remove Malware

Apple included several invisible background protections against malware on your Mac.

  • File Quarantine or Gatekeeper. Whenever you download an app, you’ll get a warning specifying where the file has come from and when you downloaded it. Then, you will have to choose whether to open the file or not. A legitimate app is usually signed by its creator and requires a signature from Apple. If the app is not signed, you will not be allowed to open the file.
  • This feature is linked to File Quarantine. Xprotect scans your downloaded files for known malware and viruses. If the file is infected or damaged, your only option is to move it to Trash.

Aside from these built-in features, there are also other steps you can take if you suspect that your Mac is infected with malware or viruses. If you think your computer is infected, follow these tips:

  • Download Antivirus. Download a reputable antivirus application from the App Store and scan your whole computer for malware and viruses. Move all the infected files to the Trash, and then empty the Trash after scanning.
  • Check Activity Monitor. If you’ve recently installed an app and you think it’s dodgy, take note of the name and quit the app immediately. You can press Command + Q or Click Quit in the menu to close the app. Then, open Activity Monitor from the Utilities folder. Search for the app’s name. If you find that it’s still running despite the fact that you just closed it, it means there’s something fishy about the app. To quit the process, select the name of the app, click the X icon and choose Force Quit.
  • Restore from Time Machine. Once you notice that your Mac is infected, immediately shut down your computer and restore from a recent backup through Time Machine. You should restore your computer to a time before your computer became infected.
  • Clear your cache and download folder. You can use 3rd party cleaning tools to do these or you can do it manually.

If you’re using Safari:

  • Click Safari, and then choose Clear History.
  • Select All History from the dropdown list.
  • Click the Clear History button.

If you’re using Google Chrome:

  • Click Chrome and select Clear Browsing Data.
  • Choose All Time in the Time Range drop-down.
  • Click Clear Data.

To empty the download folder, just drag all the files to the Trash, and then empty the Trash. If you think your computer is still infected, your last option is to install a fresh copy of macOS and your apps. Don’t forget to reformat your hard drive before reinstalling macOS to make sure that there are no viruses or malware left.

It is also a good advice to use 3rd party cleaning tools like Outbyte MacRepair and get rid of unwanted files, caches, temporary files, and unnecessary applications. Cleaning up the trash on your computer will also resolve the sluggishness of your Mac and boost your device’s performance because there is no clutter.

Leave a Reply

Your email address will not be published. Required fields are marked *

eight − two =