Macs absolutely need virus and malware protection just like PCs, AND they need to be updated regularly or you’re making your network vulnerable. Our tools are built to be affordable and offer industry-leading protection for both Macs and PCs.
Don’t be lolled into a sense of security just because Macs are less susceptible to attack. Here are just a few recently documented malware attacks that have targeted mac computers and how they work:
Spotted at the end of April 2017.
Apple rushed to block it.
The macOS Trojan horse appeared to be able to bypass Apple’s protections and could hijack all traffic entering and leaving a Mac without a user’s knowledge - even traffic on SSL-TLS encrypted connections.
The attacker could gain access to all victim communication by redirecting traffic through a malicious proxy server.
OSX/Dok was targeting OS X users via an email phishing campaign. The best way to avoid falling fowl to such an attempt in the future is not to respond to emails that require you to enter a password or install anything.
Xagent is capable of stealing passwords, taking screenshots and grabbing iPhone backups stored on your Mac.
It's thought to be the work of the APT28 cybercrime group, according to Bitdefender.
OSX/Pirrit was apparently hidden in cracked versions of Microsoft Office or Adobe Photoshop found online. It would gain root privileges and create a new account in order to install more software, according to Cybereason researcher Amit Serper.
In February 2017 researchers found the MacDownloaded software lurking in a fake update to Adobe Flash. When the installer is run you'll get an alert claiming that there is adware on your Mac.
You'll be asked to click to "remove" the adware, and when you enter your password on your Mac the MacDownloader malware will attempt to transmit data including your Keychain (so that's your usernames, passwords, PINs, credit card numbers) to a remote server.
Luckily the threat seems to be contained for now: the remote server it the malware tries to connect is now offline.
The best way to avoid such attacks is to always check on Adobe's site to see if there is an update to Flash you should be installing. (http://www.macworld.co.uk/)