One of the following statements isn’t true:
- Macs don't get viruses
- Ed Sheeran's Galway Girl is a great song
- TV presented Bob Holness played the ax solo in Baker Street
Did you spot it? That’s right: they’re all bobbins. But as far as Mac users are concerned, the first statement has a corollary: while Macs can get viruses, most don’t. We should probably explain.
Do Macs get viruses?
Yes and no. Mac viruses do exist, but it’s very hard for them to spread. OS X and macOS are based on the Unix operating system, which is sandboxed. That means it’s very difficult for viruses to do any damage. Think of them as locked in a little box from which they can’t escape no matter how hard they try.
Not only is a Mac much more difficult to hack or compromise than a Windows PC, but the relative obscurity of Macs means that even if a criminal does find a vulnerability to exploit, it’s a lot more effort to attack far fewer computers. That means Macs benefit from security by obscurity; the baddies target the more common and potentially lucrative Windows machines instead.
That’s great for Mac users, of course, but it’s also meant an entire generation of people believing that Macs don’t get malware of any kind. Unfortunately, Macs can and do, so when malware affecting Macs does appear or a popular Mac app gets bundled with a trojan, users are completely unprepared.
For example, Mac owners might have been spared the hassle of ransomware app Wannacry/WannaCrypt in May 2017, which only targeted Windows devices, but 7,000 Macs were infected with similar malware in 2016.
Ultimately, if you use a Mac, you need to consider whether the (so far, fairly remote) risk of infection is worth sacrificing performance, money or both.
What are the biggest security risks to Macs?
The bad guys’ favourite malware is currently ransomware – a type of app that locks up the victim’s computer and only unlocks it if a ransom is paid. And as some victims have discovered, it turns out that you just can’t trust criminals: people who did pay up found that they were asked to pay again, or that their card details were copied and used.
Ransomware made it to the Mac in 2016, when the KeRanger trojan was discovered in the Transmission BitTorrent client. It’s believed that the infection happened through compromising the Transmission website and replacing the real DMG download with an infected one. Some 7,000 Macs are believed to have been infected.
The fact that KeRanger generated so many headlines underlines how unusual such malware actually is: nobody holds the front page when a new Windows vulnerability is discovered. The reality is that unless you’re exceptionally unlucky, if you keep your Mac up to date, don’t download cracked software, don’t mess with OS X’s default sandboxing settings, don’t believe pop-ups that tell you to upgrade Flash and don’t click on phishing or other fraudulent emails then you’re likely to remain perfectly safe.
That may not remain the case forever, though, and Apple has been accused of reacting too slowly when genuine threats are discovered. So what can you expect from Mac antivirus software?
Mac antivirus: which is best at detecting threats?
The excellent AV-TEST regularly puts anti-virus programs through their paces, and their most recent tests took place in July 2017 on macOS Sierra. They tested two key areas: how well the packages detected Mac-specific threats, and how well they protected against Macs in mixed-OS environments being hijacked to spread Windows malware.
For Mac malware, four packages achieved 100% detection without false positives:
The next four achieved between 99.5% and 98.4% without false positives:
The worst performer was MacKeeper, with 85.9% detection.
In mixed operating system environments, five programs achieved 99% detection of Windows threats: