It always seems like there is a new virus, new malware, new adware, that happens to pop up on a computer running Windows. But why do we not here about this happening on a Mac? The answer is hidden under the operating system, tracing it to it’s roots, along with the attacker’s target audience.
Apple Mac computers are a Unix based operating system. Unix is normally a very secure operating system with their own built in features. Along with this, Apple has added its own type of security features along with this. One of these features is called Gatekeeper. Gatekeeper blocks any software than hasn’t been digitally signed and approved by Apple. A second feature used by Mac’s is known as the act of Sandboxing. The process involves the checking of applications to confirm that they are only doing what they’re supposed to be doing. Sandboxing also isolates the applications from system components and other parts of the computer that do not have anything to do with the app’s initial designed purpose. The final security that is used by Apple is called FileVault2, which is a simple file management system that encrypts all of the files on the Mac computers. These embedded securities created by Apple help to create a more secure system for their users.
Normally, it would be thought that Mac users would be an easy group to target, but based on recent data, it is seen by most attackers that the amount of people present in the Apple community is not worth the overall effort of making a virus or malware that can be successful for passing through all of the Apple security obstacles. The reason why there are very limited viruses/malware for Mac devices, is because the attackers have a greater and easier target audience for Windows users.
Regardless of the very few amount of Mac related viruses and malware, there have still been instances of them occurring. In just 2017, there has been a 230% increase in Mac malware. An example of this is the OSX/Dok malware. OSX/Dok occurred in April 2017 and was a trojan that would hijack all incoming and outgoing traffic with the Mac computer. The trojan was signed with a valid certificate from Apple, meaning that the hackers could have used a legitimate developers account to initialize this attack. Another attack that took place in February of 2017 was called MacDownloader. This adware would display to a user as a free update for the Adobe Flash Player. When the installer ran, the program would prompt the user that there is adware on the Mac and would prompt for the system password. This would then begin the process of transmitting data (ie. usernames, passwords, etc.) to a remote server. The final example of successful Mac malware would be one called Safari-Get. Happening in November of 2016, this was a type of social engineering that involved sending out links through emails and the link either opening multiple iTunes windows, or multiple draft emails (just depending on the Mac operating system version). This would cause the system to freeze or cause a memory overload and force a shutdown.
Regardless of the lack of effort put forth by attackers towards Mac users, there still should be some safety concern for users. This can be made easily by updating applications and being careful when clicking links or even opening certain files.
Do Macs get viruses, and do Macs need antivirus software?
16 Apple Security Advances to Take Note of in 2016