Top Mac Malware & Threats: Watch a MacAdmins Presentation on MacOS Threat Landscape [Video]
Are you interested in seeing a non-alarmist, data-driven, and realistic assessment of the existing malware threat environment for the Mac platform? If so, you’ll want to watch this hour-long presentation from Thomas Reed of Malwarebytes. Recorded at the 2018 MacAdmins conference at Penn State University, Mr Reed uses hard data gathered from the Malwarebytes scanner and removal tools to offer a “data driven look” at existing threats to the Mac.
You’ll find a lengthy discussion on the most common malware found to be impacting Macs, including malware of all forms, spyware, cryptocurrency miners, keyloggers, ransomware, scamware, junkware, sketchy payloads that attempt to change DNS servers and start trying to download junk to computers, fake Adobe Flash installers, fake software installers and fake updates, fake anti-virus software, fake anti-adware apps, fake scanning apps, nagware and potential malware, junky “cleaner” apps, junky “antivirus” apps, dubious ‘backup’ apps, controversial apps, sketchy launch daemons and launch agents, government malware (!), even authentic apps bundled inside dubious installer packages or outright malware installers, and other malware and garbage that is sometimes erroneously referred to as a virus or trojan horse (both of which are actually fairly rare on modern Mac OS).
Keep in mind this is a technical talk presented to Mac systems administrators, but it’s undoubtedly going to be interesting for other Mac users who are curious about the subject matter discussed.
The full hour long video, titled “A Data Driven Look at the Mac Threat Landscape”, is embedded below for easy viewing:
Now I know what you’re thinking after reading this, or after watching the presentation: “what can I do to protect myself?”
The good news is that Macs are pretty secure by default, and by following some common sense tips you can avoid most malware and other threats on the Mac platform. Often it is enough to simply avoid installing any apps from any untrusted sources and keep a skeptical eye on any third party apps; avoid dubious web pages and the shadier parts of the web (and never install anything offered from there); dismiss any pop-ups from webpages ‘warning’ you of some impending disaster (which are almost always scams trying to install some junk onto your Mac); use SIP (which is enabled by default, so don’t turn off SIP); keep strict Gatekeeper rules (which is the default in macOS, and most people should not change the Gatekeeper settings); allow XProtect to stay up to date (this is done automatically behind the scenes by being online); or even just avoid installing unneeded apps and controversial apps (MacKeeper is an example of a controversial app, and you can learn how to remove MacKeeper if desired). And, if you feel like it, there are some tools and resources available to help as well.
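For administrators who want to confirm that those defaults are still in place, here is a small audit script, added as an example and not taken from the article or the talk. It classifies the output of `csrutil status`, `spctl --status` and the `ConfigDataInstall` software update preference; the function names are made up for this example, and treating an unset preference as acceptable is an assumption.

```shell
#!/bin/sh
# Added example (not from the article or the talk): audit the macOS defaults
# the article says to leave alone. Each check classifies the text the real
# tool prints, so the logic can be exercised with constructed samples.

# `csrutil status` prints "System Integrity Protection status: enabled."
# A "(Custom Configuration)" suffix means SIP was partly relaxed: flag it.
sip_ok() {
    case "$1" in
        *"Custom Configuration"*) return 1 ;;
        *"status: enabled"*)      return 0 ;;
        *)                        return 1 ;;
    esac
}

# `spctl --status` prints "assessments enabled" while Gatekeeper is on.
gatekeeper_ok() {
    case "$1" in
        *"assessments enabled"*) return 0 ;;
        *)                       return 1 ;;
    esac
}

# ConfigDataInstall in com.apple.SoftwareUpdate governs background
# installation of system data files such as XProtect definitions.
# Assumption of this example: only an explicit 0 counts as a failure;
# an unset key is treated as the shipped default.
xprotect_updates_ok() {
    case "$1" in
        0) return 1 ;;
        *) return 0 ;;
    esac
}

verdict() { if "$@"; then echo PASS; else echo FAIL; fi; }

# audit <csrutil output> <spctl output> <ConfigDataInstall value>
audit() {
    printf 'sip=%s gatekeeper=%s xprotect_updates=%s\n' \
        "$(verdict sip_ok "$1")" \
        "$(verdict gatekeeper_ok "$2")" \
        "$(verdict xprotect_updates_ok "$3")"
}

if command -v csrutil >/dev/null 2>&1; then
    pref=/Library/Preferences/com.apple.SoftwareUpdate
    audit "$(csrutil status 2>&1)" "$(spctl --status 2>&1)" \
          "$(defaults read "$pref" ConfigDataInstall 2>/dev/null || true)"
else
    # Not on macOS: run against constructed sample output instead.
    audit "System Integrity Protection status: enabled." "assessments disabled" "1"
fi
```

On a Mac the script reads the live settings; anywhere else it falls back to the constructed sample so the classification logic can still be checked.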
One popular security tool is the Malwarebytes app for Mac (which is also the company that presenter Thomas Reed works for, but don’t worry the presentation is not some giant commercial for a product).
Malwarebytes offers a free and paid version, but you can use the free version for scanning and cleaning of detected infections. The paid version offers additional features that may be desirable for some users, but it’s not necessary to get the premium version if you simply want to scan and remove any found malware on a Mac.
Another excellent resource for more advanced Mac security tools is Objective-See, which is run by a brilliant security researcher named Patrick Wardle. Mr Wardle offers many free tools to boost the security of Macs, some of which we have covered here before (like using Oversight to detect camera and microphone access on a Mac). You can browse through the Objective-See collection of security tools here:
Speaking of Mr Wardle, if this general topic interests you and you want to get even deeper into the technical weeds, an excellent presentation from Patrick Wardle is available here, offering an advanced guide to understanding Mac malware.
And of course we have a large library of security related articles to browse through here, covering many Apple products and a wide range of tips and tricks on what is a very broad but increasingly important topic of information security.
Anyway, don’t freak out about Mac security. The above presentation offers a great detailed look at what the real risks are, and remember that following some simple precautions is usually enough to ward off the majority of threats, malware, trojans, and other potentially problematic junk that could impact your Macintosh experience.
As always, if you have any tips, tricks, thoughts, advice, opinions, or anything else to add to this topic, feel free to share in the comments below! Stay safe out there!
You can download slides from this presentation and others from the MacAdmins 2018 PSU conference here:
Don’t forget the other serious threats that flourish online; propaganda, active measures, misinformation, disinformation, character assassination, and other coordinated efforts to pollute information and thinking, et al, all of which is rampant on social media (and most people can’t even identify it even if they’re reading it and sharing themselves…. every meme, every link not from a reputable source, etc).
Once upon a time, people read books, and were skeptical of information from low quality sources, and they disregarded untruths and tabloids and nonsense. Now everyone sees something on the internet and if it confirms their ill-informed opinion or bias, they determine it must be true. No questions asked. Well if I believe that 2+2=15, is that a valid opinion? Shall we discuss that as a legitimate possible answer? What if I think the Earth is flat, can we discuss that and pretend it is fact? That is the way disinformation flourishes online and in media… pretending an opinion is potentially relevant or even pretending opinion or pretending a brainfart is fact. Muddy the discourse, pollute the mind. Welcome to the era of information warfare.
Watch this video, it was predicted over 30 years ago:
I did watch most of the video; Pretty slow going…
Some of the directions in that list of common sense things for security simply don’t work on my (up-to-date) Mac.
Specifically, turning off Java in Safari made log-in impossible on my bank website.
Incredible insight Dick, what a great comment that really brings something special to this discussion about Mac malware threats.
With your personal declaration that some of the security recommendations don’t work for you personally, I really feel like you’re getting to the bottom of this despite you feeling like the video is pretty slow going.
I also thought it was a little slow, a little technical and I was a little disappointed by the lack of special effects in the video. There was nobody yelling at the top of their lungs trying to instill fear in me like I love to blindly absorb like a zombie in front of cable TV, and a total lack of fear-mongering really made it hard to keep my attention span especially when I have cable news and fake news websites open splashing fear and outrage at me 24/7 that I can absorb like a little programmable sponge. Personally I was hoping for some car chases, sword battles, samurai battles, a good romance story (for my wife to keep her interested!!!), and busty blond babes bursting out of bikinis while they tell me how great my ideology is too, so I barely made it through the first 20 seconds of video thanks to my social media induced ADHD scatter braining, but I stuck with it. I think I learned something about malware threats on the Mac but I had to discard the knowledge from my brain so that I could outrage click on the latest social media propaganda being sent to me by the purveyors of fear that I totally trust because they totally tell me the truth, the whole truth, and the only truth, and they tell me they tell the truth and so obviously that is true, and you know it’s truthful because they are yelling at the top of their lungs on TV and making me scared of everything. That’s how you know what is a true story, if it reinforces my bias and comes from someone selling me fear it must be true stories.
Now that I understand there is not anything to overly fear on the Mac and with minor precautions you can avoid most malware on the Mac, I will find something else to be afraid of instead.
And always wash your hands after touching a stranger’s keyboard/mouse.
Seriously though, good tips are to not install something you’re not really sure of what it is, avoid Flash like the plague, use unique passwords for different sites/computers/emails etc, ignore those scary popups that make you think you’re infected, never give personal information to strangers.
And keep it all hid
Better jump down a manhole
Light yourself a candle
Don’t wear sandals
Try to avoid the scandals
Don’t want to be a bum
You better chew gum
The pump don’t work
‘Cause the vandals took the handles
Stumbled onto this article and thought about Mac security, it looks like High Sierra keeps lots of data from
segfault: wise precautions.
More videos and slides from the 2018 MacAdmins Conference!
Thanks for the video, I will watch it in full later as I try and stay up to date on this stuff. Protection and awareness of technical threats are increasingly important, and hacking is a serious problem as anyone who reads the news now understands more than ever.
Personally, I do and use the following to protect my Mac. It’s a lengthy list but it has worked for me so far, I have had no malware ever on my Mac:
– Always strict Gatekeeper settings
– Malwarebytes free version for scanning and removal as needed
– KnockKnock to find deeply embedded software as needed
– LittleSnitch to keep an eye on all in/out network connections
– NEVER install plugins into a web browser
– NEVER install extensions into a web browser
– NEVER allow Flash or Acrobat in a web browser
– I use Safari and DuckDuckGo
– Always install Security Updates for Mac
– Always keep MacOS up to date with software
– Always keep Mac apps up to date
– Only install apps that you need and use regularly
– Create a separate ‘standard’ user account and use that rather than an ‘admin’ account
– Pop-up blockers and tracking blockers in web browsers
– Never install software from unverified sources
– No Java, no Flash, no Adobe Acrobat Reader
– Routine, regular backups of all Macs with Time Machine
– Always lock my Mac when it’s not in use with a screen saver after 5 minutes
– Always use FileVault full disk encryption
– Use strong passwords, unique to each web site and service
– Have different email accounts for different purposes: work, personal, miscellaneous
– Don’t let other people use my Mac, if someone needs to check email or use the web they can use my iPad instead
– Ignore all pop-ups, warnings, alerts, unless they are from a verified system level alert
There are probably a few other things too, but that’s the gist of it.
The Mac *is* pretty secure by default, but that doesn’t mean it’s impervious. A little caution goes a long way.
The only thing you are missing is a full body tinfoil suit. I’ll bet you are single and a blast at parties.