OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

VirusBarrier removed from App Store

Posted on March 10th, 2014 at 8:24 AM EST

Intego’s VirusBarrier Express has been my favorite malware scanner for manual scans for some time. It was from the App Store, so I could be sure it wasn’t installing components in the system anywhere, and it had truly excellent detection rates for Mac malware. I recommended it frequently. So I was shocked and dismayed to find that both it and the paid VirusBarrier Plus were quietly removed from the Mac App Store last week!
Read the rest of this entry »

44 Comments

Time to re-evaluate safety of Mac OS X

Posted on March 5th, 2014 at 11:07 AM EST

My Mac Malware Guide has, for some time, made the claim that a properly up-to-date Mac OS X system cannot be infected by any known malware. This was true at one point, with some provisos, when that text was originally written. However, recent cases of malware that has failed to be blocked by the XProtect anti-malware system in Mac OS X prompted me to do a re-evaluation of this statement. What I found was profoundly disappointing, leaving me wishing that I could take those words back.
Read the rest of this entry »

9 Comments

Mac anti-virus testing 2014

Posted on January 27th, 2014 at 8:49 AM EST

Update: Many people have completely ignored some of the cautionary information mentioned in the Scope section, and have erroneously assumed that the anti-virus apps at the top of the test results are the best to use overall. For this reason, I will not be repeating these tests. Feel free to read on to see the results of the testing, but please read the entire article, and don’t just skip ahead to the results. If you are looking for advice about what anti-virus software to use, you would be better served by reading my Mac Malware Guide.
Read the rest of this entry »

46 Comments

Preliminary anti-virus testing comments

Posted on January 22nd, 2014 at 1:06 PM EST

I have been working on another round of testing of anti-virus apps. The last time I did this was one year ago, in January of 2013, so I decided it was probably time to repeat it. I have finished all the scanning, but still have a pile of work in front of me to get all the data tabulated. Still, this experience has been frustrating enough that I want to make some preliminary comments, before I have the full results in-hand.
Read the rest of this entry »

21 Comments

How to remove infected files

Posted on October 27th, 2013 at 9:42 PM EST

I get questions all the time asking me how to remove a variety of infected files. There are a variety of different things that might be turned up by anti-virus software, some to worry about and many not to. They show up in a variety of places, some of which should not under any circumstances be touched by the user, much less by anti-virus software. How is a person supposed to know how to handle such things, or whether to handle them at all?
Read the rest of this entry »

7 Comments

How does your Mac NOT protect you?

Posted on October 25th, 2013 at 11:33 AM EST

I spend a lot of time telling people about how their Mac protect them from malware. I have even written an entire section on the topic in my Mac Malware Guide. So it may be a bit surprising that I seem to be suddenly turning around and saying the opposite.  That’s not the case, though. The Mac still protects you just as I have said… but it’s also important to keep in mind where the holes in those defenses are. Just as a house isn’t secure if the owner is unaware that the back door is unlocked, neither is a Mac safe if the owner isn’t aware of the holes in its security.
Read the rest of this entry »

10 Comments

MacScan disappoints

Posted on February 12th, 2013 at 5:53 PM EST

After testing many different anti-virus programs over the last few months, I found something that disturbed me greatly. MacScan, made by SecureMac, is one of only a very few Mac-only anti-malware tools. It has a long history with the Mac, having been around since the very first versions of Mac OS X. Unfortunately, it failed my tests abysmally! The question that came to mind immediately was: why?
Read the rest of this entry »

14 Comments

Mac anti-virus testing, part 2

Posted on January 28th, 2013 at 1:50 PM EST

There are almost as many anti-virus programs for the Mac as there are families of malware, and a constant question among Mac users is whether to use one and, if so, which one to use. Last November I began a project to test Mac anti-virus programs to see what malware they are capable of detecting. This document describes the second round of testing, in which I look at a total of 20 different anti-virus programs using somewhat different methods than those used in the first test.


Read the rest of this entry »

41 Comments

Mac anti-virus detection rates

Posted on November 14th, 2012 at 9:03 AM EST

Studies have shown that Windows anti-virus programs do not detect more than 90% of all malware at best. It has been speculated by some that Mac anti-virus software may not suffer the same problem. There are hundreds of thousands or millions of different malware programs for Windows, while on the Mac there are only around 33 (by my current count), most of which are “extinct” at this point in time. This document will attempt to answer the question of how accurate Mac anti-virus software is at detecting malware.
Read the rest of this entry »

68 Comments