antivirus Best Mac Anti-Virus Thread

[snaphat (Myles Landwehr) Member]

This is the very definition of anecdotal evidence.  I haven't had malware on my Windows machine in over 10 years, therefore it doesn't exist.  I don't know anyone who owns an iPhone, therefore they don't exist.  I don't know anyone who owns a PS4 either, so obviously nobody has one.  See how this works? 

 

Note that Sonne is shifting the goalpost. Originally the claim was that there wasn't any viruses for Mac in the wild. It was then pointing out to him that most Malware infections aren't actually viruses and further shown that Malware does exist for Mac (by you, goretsky, and me). Since we've shown him that Malware does exist for Mac, the only logical course is for him to move the goalpost and show that he, himself, doesn't need anti-malware software and to try to make a hasty generalization out of his specific case.

 

I'm not saying that it means you need full time running protection.  I don't use a resident AV suite on my Windows machines either, I use other means to keep my systems secure.   (I agree with wasted resources.. if you're relying on an AV suite to tell you that you got malware, you probably already messed up.)  But it doesn't mean you're immune to malware and you can just do whatever you please with anything you do or download either.  Malware does exist for other operating systems.  OSX has had it's attacks, even Linux has had some.  (Kernel.org and a few other high profile sites being taking down due to a rootkit anyone?)   There is no such thing as an operating system that's immune to malware or exploitation.  User error, gullibility, vulnerabilities in software, or just plain carelessness, all sorts of ways to do damage to somebody's system.  The only reason Windows machines get targeted the most is due to the sheer number of users, most current malware is money or data theft oriented, they tend to go where the most people are.

 

Well said. I still think Sonne is doing a disservice to Mac users by making it seem as if one doesn't have to bother to do anything and is simply immune to attacks. Anti-malware software is no substitute to being smart about what you install/etc. but many folk simply don't have the background to know how to keep safe in the first place.

 

Apple itself offers suggestions on how to be safe from Malware for this reason: http://support.apple.com/kb/PH11432. And even disabled installing applications from unknown sources per default in Mountain Lion.

[goretsky Supervisor]

Hello,

 

No properly-written anti-malware software for OS X interferes with the continuity, integrity or reliability of the Apple Mac on which it is installed, nor does it consume excessive system resources such as processor utilization, memory capacity, disk I/O or network bandwidth.

 

I can provide some external proof of this:  If you visit Apple's web store, you will find some security programs for sale in it.  Apple will not and does not allow programs which cause problems with its computers to be sold through its store.  I know this because about four years ago, one of my employer's programs was removed by Apple from its webstore for this reason.  As you might imagine, our developers worked very dilligently to fix the issue.  This is not limited to anti-malware software, of course; I'm sure other kinds of programs have been pulled by Apple from its web store when they caused issues with Apple products.

 

Now that we have gotten the specter of compatibility issues out of the way, let's look at some of the reasons a person might run anti-malware software on their Mac:

 

• They work with proprietary or confidential data, and have concerns it might be altered, deleted or stolen.
• They frequently download and run pirated software.
  (If you take a look at the last five or so Microsoft Security Intelligence Reports, you can see that the greater a country's piracy rate, the more likely they are to experience malware.)
• They were affected by malware once and as a result run anti-malware software on all their devices (smartphone, tablet, PC, etc.)
  (The "once-bitten, twice shy" approach.)
• It is a requirement mandated by school, employer or other source.
• They work with, or otherwise exchange data with, computers that run more heavily-targeted operating systems, such as Microsoft Windows.

I am sure you there are plenty of additional reasons, but those are just a few off the top of my head.

 

One thing that I think is important to keep in mind, which is an issue we have kind of side-stepped so far, is why exactly is there a need for anti-malware software on OS X?  Well, the obvious answer to that is because there is malicious software for OS X.  And that, in turn, leads to the real crux of the question:  Why exactly (e.g., for what purposes) is malicious software being written for OS X?  Outside of PoCs, the answer seems to largely fall into two camps: 

 

The first is for criminal reasons, which is to say, somehow illegally making money off the computer.  Examples of this might include things like DNS redirection to certain search engines, stealing account credentials, using the Mac as zombie in a botnet or some other higher-level tiered function such as a drop zone or a C&C server, and so forth.

 

The second reason is for surveillance or espionage.  This can be both by governments and corporations, and, as for reasons, well, whatever reasons those sorts of folks like to spy on other folks.  Between the links I provided earlier and all the news involving Edward Snowden, I don't really think there's anything additional which needs to be said here.

 

If you go to any of the conferences which specialize in discussions of malicious software (CARO, EICAR, ISOI, VB and so forth) you will see a lot of security professionals running Apple MacBooks of various kinds (even I have one), and they are all running anti-malware software on them.  I think that would be a much better venue for determining whether or not a given operating system needs security software, because those are the folks who see the threats day and day out.  There are a lot of Mac-centric forums with some very security-savvy people on them, but the overall focus of such venues is usually the Mac ecosystem, not system security, information integrity, continuity of operations or all the other things which go on under the umbrella of information security.

 

Before I conclude this message thread, there are a couple of things I wanted to mention:

 

Firstly, you seem to be under the assumption that I am advocating anti-malware as the primary and sole means of securing Apple Macs.  That is incorrect.  A layered-approach is necessary to defend any computing resource, and that includes user education, staying up-to-date with OS and application patches, performing backups, testing your disaster recovery plans and so forth.  These are just as important as anti-malware software, it not more so.  Anti-malware may be an important tool in your information security arsenal, but its only one tool out of many.

 

The second thing is, you keep saying "antivirus" or "A/V" when discussing anti-malware software.  I realize the reasons for doing so (public literacy levels, familiarity with computer viruses versus other kinds of threats, marketing, etc.), and am often guilty of doing it myself in casual conversation.  However, in this particular conversation, it makes your writing less persuasive.  It would be as if we were having a discussion about cars and you kept talking about them as horseless carriages.  The criminal world has largely moved on from computer viruses because they have better types of malware to use for stealing and their other criminal enterprises.

 

Regards,

 

Aryeh Goretsky

 

 

 

[Gurkin]

I must be the luckiest person in the world because I've been using Macs for 27 years and never had a malware problem. Am I alone?

[Xerino]

None, dont really need one, I do run AVG on my Windows install though

[Photography]

Been using Macs for well over a decade. I've never gotten a single virus or malware issue.

[Zinitter]

Been using Sophos Anti-Virus for years, quite good.

[+Gl1tterUnic0rns Subscriber²]

I've been using Sophos Antivirus for Mac for years, I highly recommend it,  

[Mlee1]

eset cybersecurity

[Royalty]

ESET Nod 32 for me. Most definitely.

[adrynalyne]

The best malware is the stuff that goes undetected.

 

Those that spout their flawless track record should keep that in mind.  I seriously doubt any of you truly know for certain.

[John Constantine]

BitDefender Free but I haven't found a single one ever, in fact I haven't found a single Windows virus in any of my files I've downloaded either >_>

This.  I think you have the best malware prevention system...common sense.

[ssj4gogita4]

Not to bump this or anything but I've always been a fan of Malwarebytes for several years now and haven't really used much else. Even on Windows, I didn't use anything else and it did the best job from the ones I've tried (Norton, Avira, Avast, AVG, etc.). Would find trojans that other programs would not.

[d5aqoëp]

Do we still need antivirus for macOS?

[adrynalyne]

58 minutes ago, d5aqoëp said:

Do we still need antivirus for macOS?

You tell me. Exploits found have increased over the years and so has malicious software. Does that mean you need it less now? Doubt it

[goretsky Supervisor]

Hello,

Some recent reports of Mac (macOS) malware from the last couple of weeks:

 

OSX.HiddenLotus.A - https://securityboulevard.com/2017/12/interesting-disguise-employed-by-new-mac-malware-hiddenlotus/

OSX.Pirrit - https://www.scmagazineuk.com/new-macos-malware-steals-bank-log-in-details-and-intellectual-property/article/718542/

Proton RAT - https://www.macworld.com/article/3237678/macs/sophisticated-mac-os-malware-uses-trust-and-developer-certificates.html

 

Even if a Mac isn't performing any high-risk activities, it is probably still a good idea protect it. 

 

 

Regards,

 

Aryeh Goretsky

[linettereed]

In my opinion, Sophos and ESET works fine for me as I am using them from quite a long time and have switched to some other antiviruses as well. Infact, I would prefer the former over latter, if given a choice.

[linettereed]

To be very frank and on a serious note, using mac is quite safe from viruses itself because Apple has made that mark from a long time and will do everything to keep its head above all. Till the time you don't do some deep random websites surfing getting you to catch some sort of virus, it's altogether safe to use it without antivirus. Still, to go with an option, Sophos is best till date.

[jadison]

I'm not using anything at the moment, however I'll install and run ClamX AV from time to time.

[fusi0n]

I use Sophos on my personal MacBook Pro, Symantec on work MacBook Pro, and nothing on my personal Mac Pro. 

[Katastrofe]

I've never installed antivirus software on my Macbook Pro.
 

[adrynalyne]

9 minutes ago, Katastrofe said:

I've never installed antivirus software on my Macbook Pro.
 

That’s fine as long as you aren’t under the misconception that there are no Mac viruses/malware. 

[Dosantos]

I used to use MalwareBytes for macOS. Uninstalled it as it failed to prevent SearchMarquis redirect and did not give any attention to annoying fake AV like Quick Mac Fixer. 

Spoiler