Back to the Blog
Apple Ecosystem

Can MacBooks Get Viruses? How To Know If You’ve Got A Virus

Paul Febre

businessman using a mac

Can MacBooks Get Viruses?

The short answer is, yes. Macs can and do get viruses.

How Likely Are Macs to Get A Virus?

88% of today’s data breaches are caused by human error. The likelihood of a Mac user getting a virus largely comes down to that user’s behavior. 

Key Statistics To Know:

  • 1 in 4 workers have clicked on a phishing email at work. [1]
  • 43% of people have made mistakes at work that compromised cybersecurity. [2]
  • Younger workers are 5x more likely to make mistakes with security consequences. [3]
  • A third of workers rarely or never think about cybersecurity at work. [4]
  • 50% of employees say they’re less likely to follow safe data practices when working from home because they’re not working on their usual devices. [5]

Mac users should be cautious about what they click on, what apps they download (and from where), and who they allow access to their computers.

Common Ways Macs Get Viruses

Like in Windows PCs, there are many common ways a virus can get into your Mac. The popular types of Mac viruses so far include spyware, adware, ransomware, and scareware. Let’s see how these malicious viruses can trick you and gain access to your Mac.

Phishing emails or messages

You may receive a fraudulent email or a Facebook message that looks like it’s from a well-known person or a trusted company. These phishing emails will persuade you to click on malicious links that appear harmless. Once you click on such a link, the system can get infected with malware. 

Infected document with Macros 

There can be Word or Excel documents infected with macro viruses, which you can receive in several ways. For example, you may often get them as email attachments, via internet download, or while sharing files through a network. They can send emails containing the document to other email addresses, create new files, format hard drives, insert pictures, etc. If you downloaded and opened such an infected document knowingly or unknowingly, it will run malicious code triggering different activities in your Mac.

Fake software updates

Mac viruses can sometimes disguise themselves as a software update. You will get the malware once you download and install the update. Trojan horses are the most popular form of computer viruses that can get into your Mac in this way. For example, the “MacDownloader” trojan horse discovered in 2017 was hiding as an Adobe Flash Update. 

The victim simply visits a malicious web page and gets notified that they have an outdated Adobe Flash player. Once downloaded and installed, the system receives the harmful malware like adware or ransomware. Adware causes endless annoying pop-ups and advertisements, while ransomware encrypts files and folders in a Mac, making them inaccessible without paying a ransom.

Accepting pop-ups

Pop-ups are another popular way that viruses can infiltrate into a Mac computer. If you accept a sudden browser pop-up without reading it carefully, a form of Mac virus called spyware can get into your Mac. This spyware can track your internet activities, steal your credit card, banking, login, and personal information.

How Do I Know If My MacBook Has A Virus?

Your computer becomes unusually slow.

Suddenly, you may notice that your Mac computer is slower than usual. Otherwise, you might see your Mac freeze, or the cursor has become a spinning pinwheel indicating that it tries to achieve too many simultaneous operations. If this happens, beware; it could mean a malicious virus runs in the background silently and unknowingly.

Your Mac is overheating.

When you experience the first symptom of your Mac getting slower, you may also notice that it is heating up more than usual, indicating that too many processes are running in the background. Overheating can happen even when you do smaller tasks. However, an overheating computer can also mean that malware is carrying out its mission in your Mac computer.

You see annoying advertisements and pop-ups too often.

Getting bombarded with pop-ups and banner advertisements every time you do something on your computer is a sign of adware presence. Notice that you get these sudden advertisements even if you do not visit any website, and those ads will appear at any place you didn’t see them previously.

Unknown software installed on your Mac.

Have you ever noticed the presence of strange software that you do not remember installing by yourself? Then there is a chance that a virus has done it without your consent!

Reduction in storage space

Have you noticed a sudden reduction in your available storage space? Or did you get a warning from your Mac that you do not have enough space? Then, it could mean that a virus in your computer has downloaded many unwanted files and stored them without your knowledge.

Frequent crashes

If you notice that your Mac often crashes more than usual and do not know the reason, it could also mean that a virus has infected your Mac.

Browser issues.

Is your browser getting redirected to unknown websites, or has it suddenly changed its homepage to a spam website you have never visited before? Otherwise, does your browser crash or become unresponsive frequently? These could be signs that your MacBook has a  virus.

Sudden spikes in internet data usage.

Suppose you are not doing any heavy downloads or streaming yet noticed that your internet data had been almost unusually over. Otherwise, you see a huge spike in your internet usage. Although not as common as in the above scenarios, this could mean that your computer is consuming data without your knowledge. It may be due to a virus that downloads other software unknowingly to you.

If you notice one more of the above symptoms in your Mac, it will indicate the presence of an unwanted program or a virus. In the next section, we will discuss the built-in security features of your Mac that will protect you against virus attacks.

Do Macs Have Antivirus?

Having identified several ways viruses can get into your Mac and types of malware that can infect iOS, you may be wondering if it does not have proper antivirus software. Apple has its proprietary antivirus software called XProtect installed in every Mac device since 2009, which scans all applications for viruses.

Apple daily updates a threat database against XProtect scan results. If it finds any malware in a file or an application, it will prevent the download and notify you to take necessary actions. Virus scan by XProtect makes it difficult for malicious malware to install on your Mac.

Apple also has Gatekeeper, a feature of iOS that checks the validity of any app you attempt to open or install. Additionally, Mac computers have a Malware Removal Tool that scans your computer regularly and removes the dangerous files if it identifies any malware.

In the next section, we’ll see all these built-in security features of Macs that protect it from viruses and malware.

Mac’s Built-In Security Features

XProtect

XProtect is Apple’s built-in antivirus software that examines applications of your Mac and ensures that they do not fall under the list of known malware. Xprotect uses signature-based malware detection. Apple regularly updates malware signatures and keeps the list of known malware up-to-date. You do not need any configurations to run XProtect as it is almost a hidden application that runs in the background.

Suppose you open a downloaded application from a browser like Safari and Chrome or via email or iMessage. In that case, XProtect will automatically scan whenever any application changes or when there is an update to the list of known malware. If it finds anything in the bad applications list, it will notify you, saying, “The X application will damage your computer. You should move it to the Trash”. This warning also indicates from where and when it got downloaded. In such cases, you should immediately delete that installer or file from your computer.

However, does XProtect offer enough protection against viruses? While it covers all the known malware, it may not be as powerful as some third-party antivirus software that covers a more comprehensive list of malware.

Gatekeeper

Gatekeeper is Apple’s technology that ensures you run only the trusted software in your Mac. Whenever you download an app outside the Mac App Store, Gatekeeper ensures that it is from a verified developer. If it is a download from an unidentified developer, Gatekeeper will block it and issue a warning message to you. It will also ask permission from you before opening a downloaded application for the first time.

You can allow installing only applications downloaded from the App Store in system preferences for Gatekeeper to work in this manner. You also have the option to disable Gatekeeper completely. Also, if any developer needs to distribute an app other than via the App Store, they can obtain a Notarisation ticket from Apples’ malware scanning service. Then Gatekeeper can identify the validity of the app if his app has that ticket. On the other hand, Apple will issue a revocation ticket to the app if it is malicious so that Gatekeeper can block such apps.

Malware Removal Tool (MRT)

Not only does iOS have built-in tools for virus detection and prevention, but also it has a Malware Removal Tool that will automatically remove identified malware. Whenever it receives automatic security updates, it will remove any infectious malware already in the system and check for malware upon system restart and log in. 

Automatic security and Notarisation updates

Your Mac computer does a good job of checking for security updates regularly. Apple automatically updates XProtect and MRT whenever it gets updated with the latest malware. Moreover, iOS keeps track of revocation tickets issued by the malware scanning service so that Gatekeeper has up-to-date information.

Sandboxing

Sandboxing is an access control mechanism in iOS that is designed to prevent applications from accessing your user data and resources. It assumes that sandboxed applications can only access specific data and resources or nothing at all. If an app becomes malicious, it can minimally harm your computer due to this restricted access.

The T2 Chip and Secure Enclave

The T2 Chip is a technology that significantly enhances the data security in newer Mac models. The secure enclave embedded in the chip stores sensitive data like passcodes and biometric data, including Face ID, Touch ID, etc. Since the OS cannot directly access it, it can protect those sensitive data from Mac Viruses. For example, when you enter your password, the T2 Chip passes it to the secure enclave. It then verifies the password against the encrypted password it stores and returns either a true or false response to the OS. Thus,  macOS doesn’t know if you entered the right login password.

FileVault 2 and XTS-AES Encryption

FileVault 2 is a disk encryption software in Mac that prevents unauthorized data access and protects the entire drive using XTS-AES 128 encryption. The XTS is the latest model of AES, which uses two AES keys to eliminate more sophisticated attacks. When you activate FileVault 2, it will encrypt all the data in your Mac. You can activate it when you set up your Mac for the first time or through your system preferences. 

Do I Need An Antivirus on My Mac?

Mac computers are fairly safe from outside attacks thanks to their antivirus software and other built-in anti-malware protection features. Whether you need an antivirus on your Mac depends on the security needs of your organization. 

Are Macs More Secure Than PCs?

Hackers and cybercriminals are much less likely to target Mac users than PC users. Still, we shouldn’t conclude that Macs are more secure than PCs.

The reason Macs are targeted less often is that Windows accounts for over 73 percent of the operating system market, while Mac has a combined share of less than 16 percent. 

With so many more Windows users to hack, cybercriminals have a considerably larger opportunity to get a return on their investment when deploying phishing and malware campaigns.

Conclusion

Like any other computer, Macs can and do get viruses. Updating your antivirus software and making sure you have updated to the latest updates for your browser and iOS will go a long way to keeping you virus free. 

In addition to these precautions, be mindful of security pitfalls such as phishing or fake software updates which will help lower the chances of an infection on your Mac drastically. 

Has your Mac ever been hacked? Let us know in the comments below!

[1, 2, 3, 4: https://www.tessian.com/research/the-psychology-of-human-error/]

[5: https://www.tessian.com/blog/employees-are-less-likely-to-follow-safe-data-practices-at-home/]