Many Mac owners believe they are completely safe from malicious software and that Microsoft Windows is the only OS susceptible to viruses. That is further from the truth than you might think. According to the 2020 State of Malware Report from Malwarebytes Labs, the number of software threats on Mac surpassed the number on PC for the first time.
While the types of threats Mac users face are not as dangerous and device-breaking as they often are for PCs, they are still a nuisance. Unwanted software on a Mac can flood the device with ad pop-ups, slow it down, steal personal information, and even mine cryptocurrency. There are even forms of ransomware that block access to certain files and demand payment to unlock them.
So, how do you avoid these dangerous attacks on your device? There are simple rules you can follow, and even specific software that can protect your device from threats that bypass the integrated Apple protection. Let’s take a look at the 5 most dangerous viruses that emerge on Mac, how they work, and how to sidestep them.
1. OSX/CrescentCore
OSX/CrescentCore is a virus that was detected in the wild in 2019. It is disguised as a .dmg file containing an Adobe Flash Player installer. What made it hard to detect and analyze is that it would not install itself on a device with third-party antivirus software, or if it was launched in a virtual machine (which analysts often use).
Once CrescentCore is installed, it sets up unwanted software (Advanced Mac Cleaner) or undesirable browser plugins. As you will see later, Adobe Flash Player installers are often used for malware distribution, so the best way to avoid this malicious program is to treat such installers with caution.
2. CookieMiner
CookieMiner was caught in the wild at the beginning of 2019, and it mostly targets Mac users who have the Google Chrome browser installed. The virus goes after saved Chrome cookie files, especially the ones that hold information about cryptocurrency exchanges (like Binance, Bittrex, Coinbase, and others). Furthermore, the malware steals personal data, such as saved passwords, SMS messages, and other data. It also hijacks the device’s CPU to mine cryptocurrency.
The best way to avoid the consequences of an infection by this virus is to clear your browser’s cache regularly, especially after you make financial transactions. Some experts recommend using a browser other than Chrome, as it is the one that is targeted the most.
3. GravityRAT
A notorious Windows Trojan, GravityRAT, has recently been spotted on macOS devices. Furthermore, more than 10 versions of this malicious software have been found, disguised as helpful programs such as secure file-sharing software.
This virus can do a lot of damage to your device and your security. GravityRAT can steal your Office-related files, take screenshots and send them to hackers, and even record whatever you type on your keyboard. To avoid this malware, always install applications from a trustworthy source, as it uses stolen developer certificates and can be built into genuine-looking programs if they are built with Python.
4. Crossrider
Crossrider is a family of adware (software that shows unwanted advertisements) that often targets both Windows devices and Macs. It was discovered by experts on macOS devices in 2018. Like CrescentCore, it disguises itself as the Adobe Flash Player installer. After you launch it, Crossrider installs Advanced Mac Cleaner and sets an ad page as your browser’s home page.
The malware affects your configuration profile settings, so deleting parts of Crossrider won’t undo its impact on your system. Be extremely careful when you install Adobe Flash Player or its updates, as the consequences for your device might be drastic.
5. OSX/MaMi
This malware was first described at the beginning of 2018 on the Objective-See blog. It changes the DNS server settings to hijack information. OSX/MaMi has been described as an especially persistent version of such a DNS hijacker, as it installs new root certificates to intercept even encrypted communication. It can also capture your screen, send and receive certain files, launch applications, and execute commands.
At the moment of discovery, none of the known antivirus software was able to detect the virus. The best protection from it is a firewall that blocks the connection to certain servers. Other than that, you should also avoid launching unfamiliar executable files, as that is also how the virus spreads.
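As an added example (not from the original article or the Objective-See write-up), the shell function below shows one way to check for the DNS change described above: it reads the output of the macOS command scutil --dns and prints every nameserver that is not on a list you supply. The function names, the sample output and the addresses in it are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag DNS resolvers that are not on an expected list.
# On a Mac:  scutil --dns | unexpected_resolvers <resolver you expect> ...

# Reads `scutil --dns` output on stdin; arguments are the resolvers you expect.
# Prints each unexpected nameserver once, one per line.
unexpected_resolvers() {
    allowed=" $* "
    awk -v allowed="$allowed" '
        # Resolver lines look like: "  nameserver[0] : 192.0.2.53"
        $1 ~ /^nameserver\[[0-9]+\]$/ && $2 == ":" {
            ip = $NF
            if (index(allowed, " " ip " ") == 0 && !(ip in seen)) {
                seen[ip] = 1    # report each address only once
                print ip
            }
        }
    '
}

# Constructed sample of `scutil --dns` output. The addresses come from the
# documentation ranges and are placeholders, not real indicators.
sample_scutil_output() {
    cat <<'EOF'
DNS configuration

resolver #1
  nameserver[0] : 203.0.113.10
  nameserver[1] : 192.0.2.53
  if_index : 6 (en0)
  flags    : Request A records

resolver #2
  domain   : local
  options  : mdns

DNS configuration (for scoped queries)

resolver #1
  nameserver[0] : 203.0.113.10
  nameserver[1] : 192.0.2.53
  if_index : 6 (en0)
EOF
}

# Demo on the sample, treating 192.0.2.53 as the resolver we expect.
found=$(sample_scutil_output | unexpected_resolvers 192.0.2.53)
if [ -n "$found" ]; then
    echo "Unexpected DNS resolvers: $found"
fi
```

A resolver that reappears after you reset it in the network settings is the persistence signal to look into, together with any root certificate you did not install yourself.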
In Conclusion
While viruses on macOS are not as dangerous as they often are on Windows, that is no reason to be careless. They can definitely be a nuisance, flooding your device with ads, slowing it down by mining cryptocurrency on it, and stealing your sensitive information.
Overall, the advice for keeping your Mac free of infection is similar to the advice often given to PC users. Don’t ever install any software from untrustworthy sources (especially when it comes to Adobe Flash Player), and if you want an additional layer of protection, install third-party antivirus software and a firewall.