Does Your Mac Need A Virus Scanner?

Today’s discussion is a classic one: are Macs really impervious to the malware threats so rampant on PCs? Due to the rapidly changing nature of technology and the ever-increasing acceptance of Macs, this is a question that needs to be periodically revisited.

We’ve recently seen Apple’s bulletproof security claims become quite tarnished in light of threats such as MAC Defender. Read on to see if you should be concerned.

MAC Defender: The First Major Mac Threat?

At the start of May, one of the first major viral outbreaks on the Mac platform was detected, prompting many users of Apple’s OS to re-question its security and protection.

MAC Defender was a program that acted and looked like a real spyware removal client and through SEO poisoning, meaning that the program would show at the top of most major search engines, unsuspecting users clicked on the website, automatically starting the download and installation of the software onto the user’s Mac.

Although the program looked professional and genuine, it was far from this. After installation, it displayed regular notifications of “threats” to your computer and prompted you to purchase a “license” if you wanted to remove the fake threats from your Mac. It sounds all well and good, but now your credit card and personal information are in the hands of the hackers, giving them open access to your bank account and your hard-earned funds.

macdefender

MAC Defender and the fake threat notifications

Although Apple did respond to the threat quickly by releasing a security update for Mac OS X to patch up this issue, the hackers quickly found a workaround and many Mac users were left questioning the overall security of their computer and whether the MAC Defender threat was an isolated issue or one that could be repeated in the future. Macs have always been noted for their security and reliability, and seeing as only around 15% of all of the computers on the home market are Macs, hackers traditionally focused on writing viruses for Windows, which has a greater dominance.

Mac OS X Security

The feature on the Mac page of Apple's website, advertising its security

However, given the rise in popularity of Macs in recent years, especially since the transition to Intel, are we going to see more threats to a platform that was traditionally seen as invincible against viruses? The answer, unfortunately, is most probably. The recent MAC Defender attack highlighted weaknesses in Apple’s platform, and although a security update has been released, hackers are known to be extremely persistent and they did indeed try again (and succeeded). Although the program was relatively easy to remove, it still bypassed Apple’s supposedly rock-solid security measures.

Apple-Rilis-Security-Update-untuk-Tumpas-Mac-Defender

Apple released Security Update 2011-003 at the end of May, which detected and removed the MAC Defender threat

Chris Clymer, a consultant at SecureState, fears for the Mac’s security. With regards to OS X, he stated:

…there’s actually a lot of things that have not necessarily been developed as well as on the Microsoft platform. It’s probably more vulnerable in many ways.”

Many Mac users do not run anti-virus software or anti-spyware software, unlike most Windows users, who generally run a commercial anti-virus software such as Norton or McAfee (many which come bundled with the purchase of the computer) along with an anti-spyware program, such as Windows Defender. Apple does not do this and only sells a limited range of security software.

Do I Need Anti-Virus?

In my opinion, yes. The recent MAC Defender threat has highlighted the fact that Macs aren’t as invincible as people think, and for an extra $50 or so, it is worth having piece of mind and splashing out on some decent anti-virus software and keeping your Mac nice and clean.

What Are the Options?

There has been a recent rise in anti-virus software released specifically for the Mac platform. If you walked down the aisle of any computer store a few years ago, you would have been greeted by purely Windows-only software but now developers of such software such as McAfee and Norton are broadening their horizons and releasing Mac versions of their popular anti-virus software.

However, before installing any anti-virus software, you should check a few basic things to make sure your experience online is a secure one.

  1. Regularly check for software updates for your Mac; Apple does release them on a regular basis so do check to make sure you’re not missing out on an important security update.
  2. Make sure your in-built firewall is turned ON – this prevents anyone from gaining unauthorized access to your computer without you knowing (and in Snow Leopard it isn’t turned on by default). If this doesn’t give you enough piece of mind, then consider investing in Little Snitch (€29.95) – which aggressively monitors all outgoing and incoming connections on your Mac.
  3. For extra security, consider encrypting your Home folder, and thereby any sensitive personal information through FileVault (accessed through Security in System Preferences). Depending on the size of your Home folder, it can take anywhere from a few minutes to several hours, but using it means that hackers cannot access your Home folder.
  4. When online, be wary about what sites you visit and never give out credit card or other information to insecure sites. Remember: if the sites looks dodgy, then it probably is.

Here are 4 of the best ways to keep your Mac squeaky clean and free of any infections.

ClamXAV Icon 

ClamXAV

ClamXAV is a free, simple to use virus scanner which scans your hard drive and flags up any errors. You can quarantine any infected files and folders or remove them completely. The virus database is updated regularly ensuring constant protection.
Price: Free
Requires: Mac OS X 10.4 and above

virusbarrierx6 

VirusBarrier X6

The developer of VirusBarrier X6, Intego was the company that actually originally discovered the MAC Defender threat. Their anti-virus software, although a little on the expensive side, also includes anti-spyware and an additional firewall, as well as featuring an easy-to-use interface and additional monitoring tools.
Price: £47.78 (around $78) for the anti-virus software; the complete internet security package costs £71.70 (around $119)
Requires: Mac OS X 10.5 and above

sophos-002 

Sophos Anti-Virus

Sophos is a popular anti-virus solution for Windows users, however now Mac users can indulge in its benefits. Sophos runs discreetly in the background and allows you to scan your Mac for any viruses and threats (even those designed for Windows). The virus database is regularly updated and allows you to quarantine or delete any threats you find.
Price: Free
Requires: Mac OS X 10.4 and above

norton-symantec-dns 

Norton Anti-Virus for Mac

Norton’s popular anti-virus software has been ported to the Mac and its features are much the same as what is offered in the Windows version: real-time protection against any incoming threats. It is, however, a little pricey for the features offered.
Price: $49.95
Requires: Mac OS X 10.5 and above

Conclusion

To sum up, as Apple products increase in ubiquity, the promise of the platform being a safe haven for those tired of malware threats may be coming to a close. I think it’s essential to pick up some good protection software for your Mac, even if you think a legitimate threat is a remote possibility.

If you want to find out more about Mac security, then read MacWorld UK’s excellent article on why Mac OS X may actually be more vulnerable than Windows.

This is a guest opinion/advice piece and therefore does not necessarily reflect the views of the AppStorm team. Feel free to debate away in the comments if you disagree with James’ claims!


  • Scott

    This post is such a waste of time. In no way is deliberately downloading and installing a program on par with the rampant browser exploits that Windows machines daily struggle against. There is no equivalency here between Mac and PC.

    • tom

      I was backing up a site for a client, syncing with transmit and Sophos did catch a trojan that had been on his server. Had I not have had it it’s more than possible that I could have opened what looked like half the other php files

      • tom

        I guess I should point out it was a windows virus but the day will eventually come.

  • Rob

    Maybe people should save their $50 and just not install random automatically downloaded software, and then feed it their credit card information as soon as it asks for it =)

  • mcdevy

    Yeah, let’s just fire and forget!

    There’s no way to prevent intrusion outright. Keeping your nose out of this stuff requires common sense, good judgement, and reasonable choices being made on your everyday life with the computer.

    Good chuckles out of “it means that hackers cannot access your Home folder,” and “Although the program looked professional and genuine, it was far from this.”

    You have got to be a newborn on the internet, or at least a passive casual user for this to anywhere near bite. Everything from the graphic UI to the process and agressive nature in which the intrusion installs and prompts said user all looks and sounds like fraud.

    Exercise a sound mind when on the internet folks, that is all. There’s common knowledge out there for avoiding these sorts of scenarios and it doesn’t involve plopping 50$ down on Norton or obliviously encrypting your ‘home folder’ with weak bit-gens.

  • MikeNGarrett

    Buying a virus scanner for a unix-based machine is an admittance that you don’t know how to maintain a computer.

    Go ahead and throw your money at these apps. They will get the job done, but you’re paying much more than it’s worth in addition to the headache that comes with constantly scanning your files.

    Great post all the same.

    • 5starsM

      I have to second that, absolutely. I stopped using windows machine back in 2003-2004. i started with debian, then gentoo, then ubuntu, now on mac, and i admit that if you maintain your computer regularly, you can avoid many threats / sure you have to pay attention on wich websites your are going too, and what you are downloading also

      But… (there is always one), i have to second the post too. More and more threats coming up as the popularity of mac is growing. For now, I have to chill out on buying a security software, but the idea to buy one will grow up in my mind, according to the growth of Apple’s computers

      • http://yoshokatana.com Nelson Pecora

        The thing is, Apple used to have serious malware, and I believe a handful of viruses. Then they switched from their buggy classic OS to the freeBSD-based OSX. People are always trying to crack UNIX, and people should always be worried about security, but this false equivalence with Windows should stop. (The article, not you. I agree with your first point, not your second.)

  • o7o

    Regardless of whether a Mac needs security software or not, the crippling problem of this article is that MacDefender is neither a virus nor a “viral threat.” It’s a trojan horse that requires user action, and as such it does not replicate itself.

    • Steven

      Shut the comments down, this is the only one you need to read.

    • http://www.yourhomemediacenter.com Kurt Riebe

      Thank you. I’m glad someone else knows what a virus is. Seriously, to date, there is still absolutely no need for virus scanning software on OSX.

      If MacDefender gets through, that’s your own fault.

      The 3 Little Pigs were safe from the Big Bad Wolf by being in the house made of bricks. None of them were stupid enough to open the door when he politely asked to come in.

      • A dude

        Actually, in the original story, the pigs did exactly that. They opened the door of the brick house because the wolf disguised himself and they were gobbled up.

        The 3 little pigs was a parable to teach children to invest up front and spot a fraud.

  • Doug S.

    Sure, you could get an anti-virus program. It will protect you from being the less than 0.01% of Mac users who will ever get a virus of any kind in their entire life of owning and using Macs.

    Of course, by doing so you will install a program like Norton, an app renowned throughout the Mac community for causing infinitely more problems than it solves. Are the others any better? Not really, no.

    The TRUTH of the matter is that Mac security threats are extremely rare and with Lion coming with a bunch of sandboxing enhancements, viruses are going to die on the Mac platform before they can ever get a foothold. Oh, and if you just buy something likt Cocktail it will remove all Macdefender variants and a number of other legacy viruses.

    Good times. Best part? It doesn’t make your system unstable or lagg the heck out of it.

  • Phil

    I would like to have some Beer with the offered “piece of mind”

  • http://helios.mine.nu/store/ Alex

    Nonsense, you don’t need these programs one bit, there still hasn’t been a single virus on the mac since OSX was introduced, not significantly less than Windows, not proportionally less due to reduced market share, but none. And even with the malware which simply tricks you into installing it (if your dumb enough) I can count those on one hand and have fingers spare, and theres no reason to expect this to change; also even if deceptive malware did become more common place and you are worried about less computer savvy users; then Apple did actually introduce a program with the last security update that is updated regularly to check for known phishing/malware programs and remove them.

  • Soyek

    I laugh so hard at all those claims like:

    „(…) recent “Mac Defender” attack illustrates the vulnerabilities in the platform, which is designed first and foremost for usability, rather than security.”

    C’mon! Platform!? Really!? It just means that lack of anti-virus software on this „platform” won’t prevent some computer impotents (who most probably bought a Mac after spending all life on Windows just because they own an iPhone and thought a Mac will be as stylish and shiny to show off) from accepting everything and literally letting hackers pass this „platform’s” security and even giving them sensitive personal info as they please.
    Gosh, it’s so laughable…
    Just imagine the situation: a bunch of great looking guys in expensive suits knock to Your door saying there are some ugly bugs detected in Your house and they’ve come to make some cleaning, but it’ll cost You $XXX paid ahead. Would You let them in and pay if You haven’t seen any bugs in Your house at all? LOL.

    All that is why the „Do I Need Anti-Virus?” part is completely irrelevant.
    Sticking to those 4 advices in „What Are the Options?” however is a good thing and is a great second line of defense against all those undetectable viruses yet to come in distant future, the first line being the user himself. I’d only add Metakine’s Hands Off next to Little Snitch as a great if not superior alternative. Personally, I don’t use FileVault, but that’s an individual pros&cons consideration.

  • http://www.metzener.com/ Dave M.

    My problem with Anti-Virus software, of any kind on any platform, is that typically, they don’t catch the “latest threats”. Sure they get the older threats that have been around for a while. However the newest threats sneak through just fine because the folks that maintain the virus databases can’t keep up with the folks that make the viruses.

    That said, running an AV program does nothing more than make the user “think” they are safe thus, the user starts allowing installs from anywhere thinking that the AV software will save them. ***WRONG***

    Keeping a computer (Windows or Mac) clean is really quite simple:
    1. Don’t download and install/run attachments, no matter who they are from
    2. Use a “Router”! A simple Wireless Router will block all unsolicited network requests
    2. Don’t download pirated software
    3. Only download software from well known sources (Amazon.com, Download.com, etc…)
    4. Don’t enter personal info (passwords, SSN, etc…) unless you personally entered the URL of the site. (Phishing scams)

    I’ve been running Windows for 20+ years and Mac’s for 5+ years now and have only been hit by one virus on Windows due to the fact I wasn’t running a Router/Firewall. I was on dial-up at the time.

    Sorry AppStorm.com, but this article smells a little like someone is pandering to the Anti-Virus software market.

  • http://digitalformula.net Chris

    I’m not going to say anything that hasn’t been said already but I still feel the need to chime in and say that I agree with what was probably the original intention of this post but I entirely disagree with the conclusion that most non-technical users will probably draw from it. The only saving grace is probably that most readers of this mac.appstorm.net are reasonably technical compared to many other information websites (in my opinion).

    I’ve never installed an anti-virus package on any of my machines, Windows or Mac. I was a Windows users for the best part of 20 years but switched to Mac around two years ago. I’ve never been infected with any computer virus and am connected to the net 24/7, constantly download files from all over the place – I’m just careful. That said, I work in the I.T. industry and know how to protect myself without needing a software package to do it for me.

    In my experience, anti-virus software does nothing but scare people that are scared enough already, hog relatively precious system resources and cost people money.

    The best anti-virus package you can use is your brain. Don’t install any suspicious or do anything with files from any sources you don’t recognise. Two simple rules with a simple result: no viruses.

  • Petri Sirkkala

    I fail to see how any of these anti VIRUS programs would have stopped the Mac defender TROIJAN from being installed by the user. Please stop writing baseless stories.

  • http://www.lindauermacs.com Charles Lindauer

    As a Mac consultant, I find it useful to have malware scanners on hand. I’ve run into infestations of Word Macro viruses, and on one occasion, spyware, on client’s Macs. Considering the way many people use their Macs, being able to scan for trojans such as MacDefender for them is also useful.

    My only gripe with this article is that Norton is listed. The latest version may be different, but for the past 10+ years a Norton installation was money in my pocket. The client would call complaining that their Mac was so slooooooow! and the only way to fix it was to remove Norton AntiVirus.

  • to

    If anyone does feel the need to install antivirus software on his or her Mac – i would highly recommend ESET.
    http://www.eset.com/us/home/cybersecurity-for-mac

    ESET is in my opinion the best solution on Windows, doesn’t slow down your machine (really!) and has some really great security features.

    And no, i don’t work for them.

  • Kjell

    From what you described in this post i don’t see MacDefender as a virus. Also not the method how it got to the user has anything of a virus as we know it. It was more of a scam and people fell for it. Therefore i wouldn’t call this an platform issue. Could have happen anywhere and anytime. On the phone, on the web, …

    Oh, and i also totally agree with what Rob said. People should use common sense more: I mean.. name 10 genuine programs that ask you to enter credit card data to do stuff. I couldn’t name a single one right now – if any program asks for them, i would be on high alert.

    If anything, get some firewall going on and monitor what (especially new) apps are doing. So many apps send stats, analytics, etc.. its crazy. For minimum protection of privacy add this to your arsenal.

  • Rain

    I suppose that more safety can’t be unnecessary

    • hugo

      guess thats precisely the idea they want to sell…

  • Krista

    Would like to also throw out there that there’s WOT for all major browsers that allow extensions for download. It protects the user from going to potentially dangerous websites. :) And best of all — it’s free!

  • http://hinok.net hinok
  • DavidBL

    Ant-virus software is actually a misnomer these days since it also catches worms, Trojans, spyware, scareware, etc, what is now generally termed malware. Modern heuristic scanning engines do not necessarily require to know about specific threats before identifying something as potentially harmful. Now we know that there isn’t currently anything much that can affect Macs but I run anti-malware for two reasons. 1 – It allows me to identify and trash Windows malware that I don’t want to own or to pass on. 2 – If or when something nasty arrives for Macs I am one step ahead and will have the IDE file to identify it ASAP. What I run is free and does not impact on my use of the machine in any way, so why should I bury my head in the sand? It seems a no-brainer to me. I am an IT professional and have worked with Macs since 1989. The Titanic was unsinkable so they skimped on lifeboats. QED.

  • http://raweden.se Raweden

    Norton ported to mac? so now mac can be protected against windows viruses that can’t possible be executed on OS X. that sentence makes no sense, i have once had a trail period as Norton came preinstalled on one of my of windows machine.
    As with my experience with any premium anti-virus software: the virus alerts goes sky-high as the license/trail period is about to end. Similar marketing concepts as the Mac Defender you mentioned, therefor all premium anti-virus is a joke in my opinion.

  • http://www.h2ofiresprinklers.co.uk/ Fire Sprinklers

    With more and more people buying and using macs its only a matter of time before viruses are common place just like for windows systems! They will find a way believe me!

  • http://7 Marylee Lindzy

    Good day – Me and my husband really appreciate the hard work you’ve done for this post. Actually, my wife and I have also been producing a website about the health benefits of exotic fruit. Your blog’s organization is a great help for our new site. Keep up the amazing work! Looking forward to reading more updates from you! I just added this site to my bookmarks. :)

    • jingles

      Are you the wife or the husband, or both?

    • jangles

      Hilarious! The irony of this comment is awesome.

      This article is about how MACs are vulnerable. But the author mistakenly missed that Mac Defender was a trojan and the weakness was not the system, but the morons installing it.

      Then, on a comment-moderated site, our gracious host approves a spam comment and let’s it sit here.

      Maybe you need spam software to detect fake comments?

  • http://SyntheticWig Synthetic Wigs

    Artificial Wig http://synthetic-wigs.dolabuy.com/ Internet their wide selection of high end Synthetic Fur Wigs, Longer Synthetic Wigs, Discount Chemical Hair pieces, Extra short Manufactured Hairpieces, From suppliers Manufactured Hairpiece and other

theatre-aglow
theatre-aglow
theatre-aglow
theatre-aglow