Malware is defined as any kind of software which does what you don’t want it to do on your Mac, so Google’s snooping around with the Chrome browser and Google search could be considered malware. Amazon tracking and all those advertisements for what you searched for yesterday might be considered malware. But those are not this malware bunch.
Not Exactly Widespread
Compared to Windows users over the past couple of decades, Mac users have it easy when it comes to viruses and other forms of malware. Say Thank you, Unix roots‘ but that’s not the whole story. Security experts who track such things say Mac malware is on the increase and grew 270-percent just last year. That math supports three pieces of malware that became eight, but you get the idea.
Jony Evans noted that four new malware exploits arrived just this year, so I may not be that far off with three going to eight.
Many of these exploits were identified by users, rather than security firms. In one instance, a Mac user discovered that their DNS settings had been changed and found themselves unable to change them back.
Something is wrong with the tracking system if you have to find them yourself, right?
This particular item of malware (OSX.MaMi) also installed a trusted root certificate on the person’s Mac. The threat left the user vulnerable to fraudulent phishing websites posing as the real deal and man-in-the-middle attacks.
Just to be sure I followed the trail to my Domain settings on macOS High Sierra. Open System Preferences, click on Network, click on Advanced, click on DNS. The DNS Servers numbers should be from your local Internet Service Provider, Google, OpenDNS, and others. I use the latter because Google tracks me enough as it is.
Thomas Reed sums up the situation:
Mac users are often told that they don’t need antivirus software, because there are no Mac viruses. However, this is not true at all, as Macs actually are affected by malware, and have been for most of their existence.
This DNS lookup malware mentioned above is particularly nasty because you just may not know it’s on your Mac.
Reed has a nice list of the past and most recent malware bouts, including OSX.Coldroot, and others. How can you keep your Mac clean and free from such attacks? You can’t. Attacks happen. But there are steps you can take to prevent the attack from gaining access to your Mac.
- Avoid clicking links if you don’t know the sender.
- Use strong passcodes.
- Understand the risk of public Wi-Fi, and don’t access confidential of financial services using such networks.
- Do not download software from unapproved App Stores.
- Run a virus scan now and then.
- Use two-factor authentication when possible.
- Learn to use and understand Apple’s new privacy protection tools when they appear in iOS 11.3 and macOS 10.13.4.
- Read the Mac and iOS security guides.
Yeah, these are the basics we’ve heard for years. Stay away from unknown websites that offer free anything. Check your Network settings every now and then. And watch out for those popups in Safari and other browsers which say a System Scan Is Recommended. You won’t like the scan’s results.
Are there hundreds or thousands of malware online ready to pounce on your Mac? No. That’s why growth was in percent rather than actual numbers.
Caution is worthwhile, though. I’ve seen more Macs recently with browser malware than anything else. It’s like 300-percent more than last year.