Even Macs Need Antivirus Protection. PCs get viruses; Macs don’t. You saw it on TV, so you know.
When might an Apple malware protection pose more user risk than none at all? When it certifies a trojan as safe even though it sticks out like a sore thumb and represents one of the biggest threats on the macOS platform.
The world received this object lesson over the weekend after Apple gave its imprimatur to the latest samples of “Shlayer,” the name given to a trojan that has been among the most—if not the most—prolific pieces of Mac malware for more than two years. The seal of approval came in the form of a notarization mechanism Apple introduced in macOS Mojave to, as Apple put it, “give users more confidence” that the app they install “has been checked by Apple for malicious components.”
With the rollout of macOS Catalina, notarization became a requirement for all apps. Unless installed using methods not mentioned by Apple (more about that later), an unnotarized app will generate the following notice that says it “can’t be opened because Apple cannot check it for malicious software.”
On Friday, college student Peter H. Dantini found that homebrew[.]sh—a knockoff of the legitimate homebrew site brew.sh—was pushing a fake Adobe Flash update and warning users that their current version lacked the latest security updates.
It was a classic Shlayer campaign that was similar to hundreds or thousands of previous ones that also used fake Flash updates to infect users with adware except for one key difference: the trojan had been notarized by Apple. Patrick Wardle, who is a security researcher at the macOS and iOS enterprise management firm Jamf, said he believes this is the first malware to receive the notarization “stamp of approval.”
Wardle notified Apple on Friday of the erroneously notarized file, and the company quickly revoked the certification, a move that prevented the trojan from infecting up-to-date Macs. On Sunday, Wardle said, he found the site was serving new malicious payloads that were, once again, notarized by Apple.
“Unfortunately, a system that promises trust, yet fails to deliver, may ultimately put users at more risk,” Wardle wrote in a post. “How so? If Mac users buy into Apple’s claims, they are likely to fully trust any and all notarized software. This is extremely problematic as known malicious software (such as OSX.Shlayer) is already (trivially?) gaining such notarization!”
Antivirus provider Malwarebytes also weighed in, saying: “Unfortunately, it’s starting to look like notarization may be less security and more security theater.”
In a statement, Apple officials wrote: “Malicious software constantly changes, and Apple’s notarization system helps us keep malware off the Mac and allows us to respond quickly when it’s discovered. Upon learning of this adware, we revoked the identified variant, disabled the developer account, and revoked the associated certificates. We thank the researchers for their assistance in keeping our users safe.”
In Apple’s defense, the company has always been clear that the notarization is “an automated system that scans your software for malicious content, checks for code-signing issues, and returns the results to you quickly.” As such, Apple has never presented it as a comprehensive security check.
Another point in Apple's favor: at the time Dantini discovered the malware and reported it to Wardle, the sample had no detections on VirusTotal, the Alphabet-owned malware scanning service that aggregates results from more than 60 AV providers. What's more, Google's Play store regularly admits malicious apps even though its bouncer service purportedly scans for nefarious activity.
And even when notarization prevents an app from being installed normally, it's not that hard to work around the mechanism. As shown in the screenshot below, courtesy of Malwarebytes, unnotarized versions of Shlayer have long presented marks with a custom background that instructed them to right-click on a disk image file, rather than double-click it as normal, and then select open.
With that the malware is installed.
Notarization looks especially toothless when it fails to detect this particular malware family. As Kaspersky Lab reported in January, Shlayer has been the top macOS threat for about two years and accounted for about 30 percent of all detections on the OS for 2019. Shlayer also goes well beyond the nuisance of adware. For instance, after using click-jacking techniques to trick users into installing a self-signed cryptographic certificate, the malware decrypts and reads all encrypted HTTPS traffic. It also harvests user IDs.
Apple’s goof is even harder to understand when it falls for files like those found on Friday and again on Sunday.
“It was a fake Flash player update. with the Adobe icon and all. that of course was not signed by Adobe,” Wardle told me in an online chat. “You'd have thought that's a big red flag that Apple would straight up just block anyways like, umm, anything that masquerades as ‘Flash' update .yah, no, don't notarize that, as who cares what it does (i.e. what malware/adware it is), obv. it's fake/malicious.”
Updated to add sixth-to-last paragraph.
There is a popular opinion that Mac systems are inherently more secure than Windows. In fact, most Mac users don’t even bother to use antivirus or anti-malware software. Objectively speaking, that opinion may or may not be true, mainly because it depends on a variety of factors like the number of Mac users, how they use their system, how computer literate they are, etc. However, over the past few years, the threats to Mac users have been increasing, thanks to quickly spreading malware, ransomware, and adware.
I bet you have seen ads on websites (mostly porn sites) telling you to clean your Mac with MacKeeper. While it’s legitimate software (as in not a virus), it’s nonetheless useless and a waste of resources. Uninstalling MacKeeper isn’t easy, either. So, no matter what you do, avoid MacKeeper at any cost.
Instead, it is essential that you use good anti-malware software so that you not only stay safe but also avoid spreading malware, ransomware, and viruses to other users. Here are some of the best anti-malware software for Mac.
When it comes to dealing with malware and other nasty stuff like rootkits, there is no other software that is more popular than Malwarebytes. Other than being able to remove malware from a Mac effectively, the best thing about Malwarebytes is that it plays nice with your other antivirus software if you’ve already installed any. In fact, most users, including me, use Malwarebytes as a backup and perform weekly scans just to make sure that the system hasn’t been infected and has no infected files.
To scan your system, all you have to do is install the application, launch it, and hit the scan button. As soon as you hit the button, it does a quick scan for malware, PUPs (potentially unwanted programs), rootkits, adware, spyware, viruses, etc., both in your system memory and on your hard disk. If it finds any threats, it will automatically quarantine them.
For in-depth scanning, select the custom scan option. Do keep in mind that the custom scan can take a couple of hours depending on the amount of data you have on your hard disk.
Download Malwarebytes (free, $40 for pro version)
Systweak Anti-Malware is a dedicated malware scanning and removal software for macOS. Just like Malwarebytes, Systweak Anti-Malware scans for malware, rootkits, viruses, and adware on your hard disk and in system memory. Once it finds a threat, it automatically quarantines it. If you know that Systweak Anti-Malware quarantined a false positive, you can restore the file or app with just a single click. For regular, deep, or custom scans, you can create custom schedules.
If you know a file or folder to be safe, you can add it to the exclude list so that it is skipped during scanning, avoiding any possible false positives. Of course, Systweak Anti-Malware always runs in the background and protects your Mac system from malware and PUPs in real time. Other features of the software include a start-up scan, a memory scan, and a beginner-friendly user interface.
So, if you are unsatisfied with Malwarebytes or looking for a good alternative to it, you should try Systweak Anti-Malware.
Download Systweak Anti-Malware ($40)
Bitdefender is another popular software to protect your Mac from various threats like malware, viruses, trojans, adware, spyware, unwanted software, and much more. The best thing about Bitdefender is that apart from protecting you from regular threats, it can actively scan in multiple layers and protect your system from ransomware. Other than that, Bitdefender can also keep an eye on cross-platform threats so that you don’t unintentionally spread malware, viruses, or other infected files to your friends, colleagues, or family.
Since Bitdefender always runs in the background, it can block any and all threats in real-time. Of course, Bitdefender also scans your system occasionally. If needed, you can create custom schedules with various configurations and scan settings. Bitdefender also has other features like backup protection, safe files, parental controls, secure shopping protection, etc.
Simply put, if you need a full-fledged software that can do much more than blocking and removing malware then give Bitdefender a try.
Download Bitdefender ($50 – $70 according to the version you choose)
Just like Bitdefender, Avast is not just anti-malware software; it is antivirus software that can scan and protect your system from a wide range of threats. In fact, if you’ve ever searched for antivirus software, you have almost certainly heard about Avast.
Using Avast, you can regularly scan your system and create your own schedules to better protect it. Along with anti-malware security, Avast can also protect your system from infected emails, unprotected Wi-Fi networks, and ransomware. Other features of the software include real-time protection, detailed security reports, browser protection, the ability to shield you from dangerous downloads and PUPs, etc.
As good as the software is, while using Avast you should be ready for a little bit of a performance dip; at least, that is my experience while using Avast. Other than that, Avast is a pretty good and reputable software to protect a Mac system from online and offline threats.
Download Avast (free, $70 for pro version)
AVG is yet another popular software that can protect you from malware, viruses, trojans, adware, and other threats. The good thing about AVG is that you can scan your system for threats related to Mac, Windows, and Android so that you don’t spread viruses or malware to other systems. Also, thanks to the simple and minimal design, using AVG to scan or create scanning schedules is pretty easy and straightforward. Moreover, unlike Avast, AVG always runs in the background and provides real-time protection for free.
As good as it is, when you try to download AVG from the official site, you will be redirected to the CNET website. So, be careful while installing it on your system as CNET has a habit of bundling adware and other toolbars along with the software you are trying to install.
If you are looking for all-around protection with real-time threat analysis and blocking then you should go with AVG.
Download AVG (free)
Sophos Home is another popular option among Mac users, and it is more than just an anti-malware tool. It comes with a bunch of extra features, including live chat support.
Sophos offers features like antivirus and ransomware security along with anti-malware protection. The program also lets you remotely manage your devices. Yes, “device(s)”: Sophos Home can be used on up to 10 devices with the paid version and 3 devices with the free version. It doesn’t end there; Sophos Home also lets you set parental controls so that none of your devices reach the unprotected side of the Web.
Download Sophos Home (30 day trial, $27 yearly for premium)
If you are looking for a dedicated anti-malware software that plays well with other antivirus and firewall software then go with Malwarebytes. As a premium option, you can also try Systweak Anti-Malware. If you are looking for a full-fledged anti-virus software that can extend the protection to viruses, adware, ransomware, and other threats then go with AVG as it provides real-time protection for free. You can also try Bitdefender.
In general, if you know what you are doing on the Internet and don’t download cracked software or porn, you probably won’t need antivirus and/or anti-malware software. That said, if you don’t consider yourself tech savvy or if you are buying a computer for your parents, it’s a good idea to have anti-malware software installed.
That’s all for now. If you think I missed any of your favorite anti-malware software, then comment below and share it with me. It will also help other Mac users.