Mac computers (laptops and desktops) are Apple’s second-best-selling products after the iPhone. In 2022 alone, the company generated over $40 billion in sales from its Mac product lineup.
One of the strongest selling points is that MacOS is less vulnerable to viruses and malware than Windows, Linux, Android, and other operating systems.
However, like any internet-connected device, Macs aren’t completely immune to cyberthreats and attacks.
In this post, we’ll share a simple diagnostic guide to checking your Mac for viruses and malware.
Table of Contents
The Most Popular Malware Attacks Targeting Mac Users
1. The Shlayer Trojan
In 2021, Apple discovered a serious security flaw in MacOS that enabled users to download and run unofficial or restricted apps.
Hackers created malicious software called Shlayer that exploits a logic error to bypass Apple’s main security mechanisms (Gatekeeper and File Quarantine) to generate ad revenue through fake clicks.
The only catch was that they’d have to convince you to download the malware hidden in different apps. Fortunately, Apple released a security patch in macOS 11.3 to fix the bug.
However, the global security incident raised concerns. According to MacUpdate, the Shlayer trojan has affected nearly 10% of all Mac devices worldwide.
2. SysJoker
SysJoker is among the most dangerous cross-platform malware targeting macOS, Windows, and Links.
Since 2022, it has impacted millions of devices worldwide by downloading spyware for unauthorized surveillance, cyber espionage, and other crimes.
3. Exploit HVNC, Atomic macOS Stealer (AMOS) & ShadowVault
2023 has witnessed a massive surge in cyberattacks targeting Mac products and macOS, with the continuous influx of new and advanced malware, such as:
- Exploit HVNC – Exploit HVNC is one of the newest malware launched in July 2023. Hackers use it to access insecure Macs and gain unauthorized access remotely. Insecure Macs are devices with an outdated macOS, no passcodes, or third-party security solutions like antiviruses;
- ShadowVault – ShadowVault is a type of spyware that steals usernames, passwords, credit card information, and other data from digital wallets and similar apps on Mac devices;
- Atomic macOS Stealer (AMOS) – AMOS is malicious software that steals account passwords, desktop files, and other documents stored on Mac devices.
The good news is that Mac malware attacks account for just 6% of total cyber attacks.
Hence, these devices are safer than Windows, Linux, and Android.
The bad news is that trojans, backdoors, and rootkits are actively making Macs more vulnerable than ever before.
So, there might be a significant rise in attacks by the end of 2023 and beyond.
Signs Your Mac May Be Infected by Viruses or Malware
Before checking if your Mac’s security has been compromised, you must learn and understand the most common signs of a malware or virus infection:
- A Noticeable Drop in Performance – If you notice a sudden drop in performance when using your Mac, someone could be running DDoS attacks, crypto jacking your device, or downloading ram-heavy software;
- New Apps or Files – You may come across new apps or files you don’t remember adding;
- New Browser Extensions – Whether you’re using Safari or Chrome, hackers can direct malicious traffic to your browser using hijacked or trojan extensions;
- More Ads – More ads or pop-ups are a common sign that you’ve become a victim of adware;
- Impersonated Communications – If your family, friends, or coworkers complain about receiving spam or strange messages from social media accounts open in your browser, it could mean your Mac has been compromised with malware;
- Restricted Access – Finally, one of the most serious signs of malware is restricted access to personal files or applications. This means that your system has been infected with ransomware –malware that encrypts your data and holds it for ransom.
How to Check Your Mac for Viruses and Malware – A Step-by-Step Guide
1. Check for Unknown Applications
The first thing you should do is check your Mac for unknown applications. You can do this by opening Finder and checking the Applications folder. Delete any unknown or unwanted apps, and then empty your trash.
2. Check Your Downloads Folder
Next, check your download folder for any app or file you don’t recognize. Make sure you don’t double-click on them. You might activate them without knowing it. Instead, click on their icon and then hit the space bar. You should then see the file or app name. Delete the ones you don’t recognize.
3. Check for Suspicious Login Items
Malicious software, such as ransomware and spyware, starts working in stealth mode when you turn on and log into your Mac. To stop this from happening, follow these steps:
- Click the Apple icon and access System Preferences;
- Go to Users & Groups and then select Login Items;
- Once the pop-up appears, click the lock in the lower portion;
- Click the minus signs to remove any suspicious login items;
- Click the lock icon again to verify your new settings.
What to Do If a Virus Has Infected Your Mac
Below are some effective steps you can take to if cybercriminals have compromised your Mac:
1. Switch Off Your Wi-Fi Immediately
If you suspect a malware infection, switch off your Wi-Fi immediately and go offline until you figure out a solution.
If you rely heavily on the internet, ensure you use a Virtual Private Network (VPN) to encrypt your traffic and mask your IP address.
Make sure you choose a server close to you. For instance, if you’re in the US, opt for an American VPN server.
2. Avoid Logging into Your Accounts
Chances are, malicious criminals still monitor your activities through your Mac after infecting it. So, avoid logging into your social or banking accounts to safeguard your passwords.
Ideally, you should change your Mac’s login password by going to System Preferences> Users & Groups. Repeat the process for your iCloud and other essential accounts, preferably using another device.
3. Perform a System Rollback
Apple provides one of the best backup solutions in the market. You can easily perform a system rollback and restore your Mac from a previous version without malware or viruses. However, this is usually a last resort.
How to Remove Malware from Mac
Below are the most effective ways to remove viruses from your Intel or M1 Mac.
1. From the Safe Mode
Turning on your Mac in Safe mode stops malware from loading following the boot. Here’s how to do it properly:
- Turn on or restart your Intel Mac and then press and hold Shift. For M1 Mac, press and hold the power button for 10 seconds;
- You should see the login window on your Intel Mac. Enter your details and continue.
- For M1 Mac, you should see the start-up options window. Choose your preferred startup disk and then press and hold Shift.
- Click on Continue in Safe Mode and release the Shift Key. Your Mac is now in Safe mode;
- To confirm your device is in Safe mode, click on the Apple logo and go to About this Mac. Click on System Report and then Software to confirm if the Boot Made says Safe.
2. Identify Malware in Activity Monitor or Run a Scanner
Mac users can easily use the Activity Monitor to find and remove malware:
- Go to Applications and then click on Utilities;
- Under Utilities, click on Activity Monitor to search for apps with high CPU or memory usage;
- Click on X to close suspicious apps;
- Now, go to Finder and delete them. Ensure you empty the trash.
If you can’t find any suspicious apps or files, you should run a third-party anti-malware scanner to thoroughly scan your files and find the virus source.
The Bottom Line
Macs are like any other internet-connected device. They might not be as vulnerable to threats as Windows or other computers.
Nonetheless, you must do your due diligence and learn to check your Mac for viruses and malware.
If you find an infection, you can take the steps above to eliminate the threat seamlessly. The more vigilant you are about cybersecurity, the less likely you will become a cybercrime victim.