Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

A couple questions about malware targeting Macs


  • Please log in to reply
8 replies to this topic

#1 Silverwing

Silverwing

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 22 January 2017 - 04:54 PM

Hello, I’m new to this website, and I’ve found it quite informative so far. I am a Mac user, and I am concerned about malware. In particular, I am concerned about the kind of malware that would attempt to exist without my knowledge or any noticeable symptoms. I will admit that I haven’t always been the most careful. I have run a few applications from unknown developers and used a few Sims mods from a few questionable sites. Additionally, I once visited a website that redirected me quite a few times before taking me to a website that had javascript trying to prevent me from leaving.

 

I have a couple questions about how concerned I should be. I will look through other threads about Macs and try to run diagnostics, and I am also considering factory resetting the computer (though I would prefer not to if not necessary).

 

My main question is as follows. I do not let any applications launch at startup. By this, I mean that when I go to “Login Items” in System Preferences, the list of “items that will open automatically when you log in” is empty. Does this mean that no third party software, including malware, can run when I restart my computer? Does it mean that I need to manually launch malware upon each restart for there to be a risk? Or is there a way for malware to automatically launch when I startup despite the list being empty? Having this clarified would be very helpful.

 

My second (and last question for now) is whether, based my activity described above, you would recommend factory resetting the computer. Is simply downloading the recommended tools from other threads and scanning enough? Or do I really need to factory reset to put my mind at ease.

 

Thanks for anyone who took the time to read this. Some people seem to think I’m paranoid because my computer is running fine, and there are no noticeable symptoms of malware. What got me nervous though was reading about the kinds of malware that try very hard to go unnoticed by the victim. Thanks again!

 



BC AdBot (Login to Remove)

 


#2 smax013

smax013

  • BC Advisor
  • 2,329 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:24 PM

Posted 22 January 2017 - 10:42 PM

Hello, I’m new to this website, and I’ve found it quite informative so far. I am a Mac user, and I am concerned about malware. In particular, I am concerned about the kind of malware that would attempt to exist without my knowledge or any noticeable symptoms. I will admit that I haven’t always been the most careful. I have run a few applications from unknown developers and used a few Sims mods from a few questionable sites. Additionally, I once visited a website that redirected me quite a few times before taking me to a website that had javascript trying to prevent me from leaving.


First, I am by no means a Mac malware expert, but I am a long time Mac users and I guess you could say a borderline general Mac expert due to that long time use (in other words, I hesitate to call myself an expert, but I am definitely very knowledgable).

The first question that I have is what version of the macOS are you running? I ask because the more recent versions of the macOS (and Windows for that matter) have more built-in protection than older versions. The more you keep your Mac running the latest version of the macOS, the greater you reduce the chances of malware even without third party protection (aka "anti-virus" programs or anti-malware scanners).

In addition, the macOS is WAY less targeted for malware than Windows is. While the threat of malware is slowly growing for the Mac, Mac malware is still rather rare.

So, overall, if you are using a recent version of the macOS, then you likely should not be overly concerned, especially if you also add in a good third party anti-virus/malware program and practice "safe interneting".

FWIW, here is the typical list of "safe interneting" techniques:

https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

And if you want to read about some of the built-in protections of the current version of the macOS, then you can read this:

http://www.apple.com/macos/security/
 

I have a couple questions about how concerned I should be. I will look through other threads about Macs and try to run diagnostics, and I am also considering factory resetting the computer (though I would prefer not to if not necessary).
 
My main question is as follows. I do not let any applications launch at startup. By this, I mean that when I go to “Login Items” in System Preferences, the list of “items that will open automatically when you log in” is empty. Does this mean that no third party software, including malware, can run when I restart my computer? Does it mean that I need to manually launch malware upon each restart for there to be a risk? Or is there a way for malware to automatically launch when I startup despite the list being empty? Having this clarified would be very helpful.


Generally speaking, on the Mac, a program needs to have an administrator password to be entered in order to allow a program to be installed or run for the first time on a Mac. So, for some malware, it can get stopped by that requirement assuming the creator 1) did not find a sneaking way around that requirement and 2) did not find a sneaky way to trick you into supplying that password (i.e. make the program look legit).

There are almost definitely ways around this, however.

As to startup items, while legitimate stuff and some illegitimate stuff will show up in the list, I would be surprised if there are ways for people to get things to run that don't show up on that.

So, while I am not a Mac malware expert and do not know the answers, I would not be surprised if stuff can load and run without you knowing about it. So, by default, I tend to assume it is possible. But, then this is were third party anti-virus/malware programs can come into play.
 

My second (and last question for now) is whether, based my activity described above, you would recommend factory resetting the computer. Is simply downloading the recommended tools from other threads and scanning enough? Or do I really need to factory reset to put my mind at ease.
 
 
Thanks for anyone who took the time to read this. Some people seem to think I’m paranoid because my computer is running fine, and there are no noticeable symptoms of malware. What got me nervous though was reading about the kinds of malware that try very hard to go unnoticed by the victim. Thanks again!


Ultimately, it will really come down to how paranoid you are and how much effort you want to expend and to what level of assurance that your machine is clean you want to go to.

While I am not a Mac malware expert (as previously stated), I am experienced enough with Macs to know that in general the odds of a Mac being infected with something is relatively low. This is due to the general low amount of stuff targeting Macs and the relatively good built-in protections.

So, I would tend to say you likely are just fine getting one or more of the third party anti-malware/virus (only one "real-time" scanner, however) programs and run it/them to see if anything shows up. If you don't find anything and your computer runs with no strange issues, then you are likely fine and wiping and doing a clean install is likely overkill.

But, as I said, it is really a matter of your level of concern as it certainly doesn't hurt to wipe and do a clean install (other than spend a chuck of your time doing it).

#3 Twin B

Twin B

  • Members
  • 266 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:10:24 PM

Posted 22 January 2017 - 11:08 PM

^^ SMAX always gives a good level-headed response to questions. 

 

Not long ago I picked up a couple of bad guys somehow which were attached to Adobe flashplayer. I downloaded Avast, a free program, & it found & quarantined both infections. It now updates the bad guy definitions by itself regularly & keeps my system clean. Here's a link to my problem that we figured out here:

 

https://www.bleepingcomputer.com/forums/t/636475/2-infections-in-adobe-flashplayer-download/

 

And a link to the Avast program, if you're so inclined:

 

https://www.avast.com/free-mac-security

 

Welcome to the forum by the way. Don't be a stranger, hear?


I've learned blood is not thicker than money. 

 


#4 Silverwing

Silverwing
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 24 January 2017 - 01:46 PM

Thank you, BC Advisor, for your thorough and informative reply. I am running the latest version of OS X, so that is reassuring. I have decided not to reset my computer for now, but I will be more careful and scan with an on demand scanner. Thanks for the help!



#5 smax013

smax013

  • BC Advisor
  • 2,329 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:24 PM

Posted 24 January 2017 - 04:29 PM

Glad to help.

#6 Twin B

Twin B

  • Members
  • 266 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:10:24 PM

Posted 24 January 2017 - 10:50 PM

And thank you too Twin B for taking the time to reply to my post. 


I've learned blood is not thicker than money. 

 


#7 MaryBet82

MaryBet82

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 31 January 2017 - 10:29 AM

Twin B and other Avast users.

 

I started to install the free Avast program and found the privacy policy kinda scary. They collect files and email info. They send it to other countries. They say they don't associate it with personal info but they also say that they do share registered info w/ their partners and other business and that I may "hear from them" regarding things I'm interested in.

 

I've always heard good things about Avast and it's been around for awhile. I'm assuming they are just covering all their legal bases and part of the "free" price is I'll get some email offers from their business partners. I don't mind the collection and use of info re my computer's hardware, websites I visit, iffy emails I may receive [but didn't click on] etc if they don't link it to my personal info or personal info of others in my personal files or email contacts. I don't mind a few advertising emails if I can unsubscribe.

 

No one has had any problems, right? It's safe to agree to their privacy policy and continue installation?


mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

#8 TechGirl504

TechGirl504

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:24 PM

Posted 31 January 2017 - 11:39 AM

I am not a Mac expert, but I feel that I can be helpful here. 

 

Let's start with your first question, it is my understanding that you have it set up so no programs automatically start up when you start your computer. All this means is that when you turn your computer off and back on that there is no program running and none with come up automatically. For example, when I restart my computer I have a couple of programs that start up automatically, slack, excel, word, and chrome, as I use these daily and it makes my life easier to have them start automatically. You have to input your password to install anything and you would know if any program is launching on startup that you don't recognize. 

 

As for your second question, I understand how painful a factory restart could be! Personally I would do anything in my power to avoid a factory restart. Just a few things I would do:

1. Start by going through your computer and deleting any programs you don't use any more, have never used, or don't recognize (bonus, your computer will run faster if you delete enough).

2. Buy a reputable antivirus software and install it and run a virus check. I would suggest going to the store and purchasing a disk so you know you are not downloading malware. If you keep up with it then it should detect any malware sites before you do anything and therefore protect you in the future. The scan will then help you determine what you need to remove.

3. If you still have concerns and decide to do a restart, make sure you backup any information you will need and/or don't want to lose (photos, docs, and so on).

 

If you will only be put at ease by doing a factory reset then do that, otherwise, just having antivirus software and running a scan should do the trick. I would also recommend being a little more careful in the future. ;) 



#9 smax013

smax013

  • BC Advisor
  • 2,329 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:24 PM

Posted 01 February 2017 - 10:04 AM

Twin B and other Avast users.
 
I started to install the free Avast program and found the privacy policy kinda scary. They collect files and email info. They send it to other countries. They say they don't associate it with personal info but they also say that they do share registered info w/ their partners and other business and that I may "hear from them" regarding things I'm interested in.
 
I've always heard good things about Avast and it's been around for awhile. I'm assuming they are just covering all their legal bases and part of the "free" price is I'll get some email offers from their business partners. I don't mind the collection and use of info re my computer's hardware, websites I visit, iffy emails I may receive [but didn't click on] etc if they don't link it to my personal info or personal info of others in my personal files or email contacts. I don't mind a few advertising emails if I can unsubscribe.
 
No one has had any problems, right? It's safe to agree to their privacy policy and continue installation?


I don't use Avast on my Macs (but do on my Windows computers), so I have no direct experience with this.

As to emails, the way I hand that is that I have a number of email addresses that I use for differing levels of "potential spamminess". My main three levels my primary one that is for only close friends and family and business (I am self-employed); I have my normal "junk" email address that is for my typical purchases and other typical websites (Avast would fall into this category for me); and then I have my true "I don't trust you" spam account for any websites that I don't really trust, but still need to interact with. I have a few others for specific purposes (i.e. I maintain one email account just for messages from forums, such as this one, that I participate on) or other reasons (i.e. I get one email account by default from my ISP that I don't really use for anything other than emails from my ISP).




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users