Are you still assuming that your Mac is safe from malware because hackers don’t write viruses for macOS? Well, if you are, it’s time to get with the times. It’s not 2005 anymore, and hackers have realized that Macs are a huge market with lots of potential to pick up a quick buck. More and more Mac malware is popping up, as hackers discover ways to get around macOS’s built-in security features. Plus, some massive security flaws have been discovered (and patched) recently — but there could be even more huge security flaws lurking, undiscovered, on your system right now.
There’s never been a better time to install antivirus software on your Mac. It’ll be much more robust than the built-in security features Apple created for the Unix-based macOS, so it’ll help fill in the gaps in your Mac’s built-in security, as well as protecting you from phishing scams, helping you manage your passwords, and more.
XProtect Is Ridiculously Frail
XProtect is macOS’s built-in antimalware scanner. It runs surreptitiously in the background, scanning files for malware as you open them, and warning you if it detects anything suspicious. In theory, this sounds great — the malware protection you need, built right into the OS, and it doesn’t slow down the system.
But in reality, XProtect is nowhere near as robust as even the simplest antivirus program available for download. Like other malware scanners and antivirus programs, XProtect uses a malicious definitions list to scan for malware — it compares the signatures in the code to those on the malicious signatures list, and if it gets a match, it will warn you that you’ve opened a malicious file.
However, XProtect’s definitions list is only 94 entries long. That’s a minuscule fraction of the length of any other antivirus program’s definitions list. You need a max security antivirus that constantly updates its definitions list and uses a more comprehensive, robust list to begin with.
Hackers Have Discovered How to Bypass Gatekeeper
Gatekeeper is another security app on Mac that seeks to keep users from inadvertently running malicious apps by blocking any apps that don’t come from the App Store or don’t have Apple developer certificates. If an app is signed or downloaded from the App Store, macOS uses sandboxing to keep it quarantined from the rest of the system. With sandboxing, apps are given only the system resources they need to operate, and aren’t allowed free reign to do whatever they want, like, for example, dig around in your system directory files.
However, there are a couple of problems with Gatekeeper. One is that not all unsigned apps are malicious — they might just be from a third party or from an open-source developer who doesn’t see a point in spending money to get an Apple developer certificate and put their free software in the App Store. But if you want to open a third-party app that you know is trustworthy, you can get around Gatekeeper by going to System Preferences > Security & Privacy > Open Anyway.
No, the bigger problem with Gatekeeper is that hackers have managed to forge Apple developer certificates to fool the app, as they did with OSX/Crescentcore. And the App Store isn’t without fault, either. More than a dozen malicious apps have been found for sale in the App Store, so it’s clear that at least some hackers are able to bypass Apple’s rigorous security protocols in order to bring their malicious apps to a market where users trust them implicitly.
Meltdown and Spectre Could Be Just the Beginning
MacOS uses system integrity protection (SIP) to keep apps from accessing the most vulnerable parts of your system, like core directories. But a set of vulnerabilities known as Meltdown and Spectre, discovered in 2018 to have affected nearly every CPU built within the previous 20 years, could have allowed hackers to access those file directory files, and other vulnerable parts of the system, anyway. While these vulnerabilities have been patched, they still stand as examples of just how vulnerable our computer systems can be, without our even knowing it.
So, if you care about the safety of your personal information and what to avoid being targeted by hackers, you need to install an antivirus program on your Mac. It might slow your system down a little, and make you feel a little less cool, but it’s worth it to protect your data from increasingly prevalent cybercrime.