Contrary to popular belief, Macs do get viruses and other malware. Due to the way a Mac is constructed, the risk of that malware spreading is limited compared to the risk of it happening on a Windows device. But it’s still a serious threat — one that is getting worse by the day. So, you need to know how to check for malware on a Mac.
What does “malware” even mean?
Quite often, we switch between the terms “malware” and “virus.” Many people may believe that they are synonymous, but there’s actually a difference.
Malware refers to an all-encompassing category for many different kinds of threats against a computer and/or network. Included in that category are viruses, but other subcategories can include threats such as adware, spyware, scareware, ransomware, keyboard loggers, worms, and remote access trojans (RATs).
For the sake of simplicity, we will refer to viruses in this article as malware.
The common symptoms of a malware infection
Just like sneezing means you have a cold, there are typical symptoms of malware infection. Here are a few.
Your MacBook is slowing down to a crawl
Malware are greedy little creatures. Not only do they want all your data, but some types also try to use your CPU and memory for their own purposes. This is especially true for hidden cryptocurrency miners or ransomware during file system scanning and encryption. What they do on your device can be very resource-intensive, and that requires a lot of the memory capacity your device is capable of.
Some legitimate apps can take up a lot of CPU usage, but usually, shutting down non-essential apps can bring that CPU usage back down to a sustainable level. Even closing the Google Sheets tab in your browser can make a difference.
However, if nothing seems to make a difference, and your CPU and memory remain stubbornly above 90%, then you likely have a malicious app or script running in the background.
Keep your Mac secure: use antivirus software, follow these tips and avoid cracked or pirated software.
Oleh Kulchytskyi, Reverse engineer at Moonlock
Your Wi-Fi connection is notoriously unstable
This, in itself, doesn’t always automatically mean malware. We all experience slow or unstable Wi-Fi from time to time, and restarting the router usually fixes it in a jiffy. But if your connection keeps slowing down or dropping speed multiple times a day, there might be something else at play here.
As we said, malware can be resource-intensive. Data-stealers, or malware that turns your Mac into a relay for DDoS attacks, often generate unusually high network traffic. It needs your Wi-Fi to send its ill-gotten gains (your personal data) back to a command-and-control (C2) server. This can result in noticeably slower browsing, video buffering, or high values in the Activity Monitor’s Network tab (Sent Bytes/Recvd Bytes columns).
Suspicious installed apps are appearing
One common malware delivery method is malicious apps on your MacBook. These can arrive by either the malware installing them or you installing them from an unsafe source. These apps then coordinate the heist of your data.
If you find a strange app in your Finder’s Applications folder that you don’t remember installing, it needs to be removed immediately.
Your browser has developed a mind of its own
When you type “google.com” into the browser URL bar, the usual result is that you go to Google. Obvious, right? But what if you enter “google.com” and end up on a different web browser? A browser hijacker may be to blame.
With browser hijackers, hackers can redirect to an obviously different site or a cloned website that looks like the one you want to go to. Only if you look closely will you see that not everything is as it seems. If you have any unknown extensions on your browser, that is also a sign of browser hijacking.
You’re drowned by pop-up ads that want you to buy, buy, buy
One of the scourges of the internet is pop-ups. Users utterly hate them. That’s why ad blockers have become so popular.
For a hacker, however, pop-ups (known as adware or scareware) are the equivalent of a cash cow. By making the pop-up intimidating and dramatic enough, they can often get a lot of people to click it and buy whatever is being advertised. Not only could this result in a malware-infected file on your computer, but your personal details could also get stolen and used.
Can you get infected with a virus or other malware and not notice it?
It’s entirely possible to get a virus or other malware on your computer and not even realize it for quite some time.
Some people may think that pop-ups are a usual part of the internet and close them. Or they may also have an old computer that already runs slowly, so when it runs a bit slower, they think nothing of it.
So, yes, it’s possible that they may not realize that you have a virus or some other type of malware. But by educating yourself on what malware looks like and proactively scanning for it regularly with Moonlock, you can decrease the number of potential victims.
How to run a Mac virus scan
If you are convinced that you have malware on your Mac or you just want to check to be sure, you will need an antivirus solution. Macs have a built-in antivirus tool known as XProtect, but there’s no such thing as too much protection. Having an additional line of defense makes good cybersecurity sense.
Moonlock is built specifically to help Mac users if they suspect they have a malware problem. In contrast to XProtect from Apple, which is invisible in the background, Moonlock gives you a way to actively scan your computer and remove malware as it comes in.
Designed specifically for macOS, the Malware Scanner uncovers everything from stealthy keyloggers and spyware to aggressive adware and browser hijackers. Once detected, these malicious files are sent to Quarantine immediately, where they are kept safely to be reviewed and deleted. You can keep your peace of mind with Moonlock and make sure your Mac stays protected 24/7.
Get your free trial of Moonlock and follow the steps below.
Open Moonlock
Once you have Moonlock downloaded and you open it for the first time, the first place you want to go is the Malware Scanner. In there, you will see the Deep Scan. This will run the deepest scan possible to try to find any malware or other malicious files that are hidden, dormant, or masquerading as software.
To keep your Mac protected, you can also enable real-time protection and background monitoring. This turns Moonlock into a 24/7 shield that monitors everything coming into your device.
Run a scan
Simply hit Scan to take the first step toward improving your computer security. This scan can be done at any time, as it runs in the background and will not slow your device down while it runs.
Review and quarantine threats
When the scan is finished, you will see that anything it found is now in Quarantine. This will stop these threats from causing any more damage to your computer.
Review the results and try to see if there are any clues in the file names to how they go into your device, then delete everything. Now, you have confidence that your Mac is protected from malware going forward.
Schedule deep scans and turn on real-time protection
As mentioned above, running a Deep Scan will make sure that no malware is lingering on your device. Here’s how to schedule scans in Moonlock:
- Open Moonlock.
- Go to the Malware Scanner.
- Choose Scan Type.
- Select Deep Scan. This is the most thorough scan of your Mac. It will find files that have been hidden for years.
- Set Up a Schedule if You Want. Pick a time when the computer is on but not being used heavily. Lunchtime is typically a good time.
- Click Schedule Scans or Scan Now.
- Confirm Your Settings.
To turn on the real-time protection, you can follow these steps:
- Open Moonlock Settings.
- Enable Real-Time Protection.
- Should see a notification that Moonlock is monitoring your files.
- Check Background Monitoring and toggle the Malware Monitor on. This will run silently in the background.
- Notifications (optional). This will turn on alerts so you’re immediately notified if something is found.
How else can you check for malware on your Mac?
Moonlock, combined with macOS’s built-in security tools, is usually formidable enough against malware. But technically, there are some other methods to check for malware on your Mac.
Check your browser extensions
Earlier, we mentioned that browser hijackers typically use their own browser extensions. Back in the day, third-party toolbars were the usual weapon, but with third-party toolbars now virtually obsolete, apps have mostly stepped in to take their place.
It’s not just browser hijackers that can result in a malicious extension. If you sideload an extension onto your browser, this will bypass the browser security protocols. This is an important lesson on why you should never sideload.
By checking your browser extensions folder, you can quickly see if there’s anything you don’t recognize. If there is something there, remove it immediately. As a side note, you might want to run a web search for the name of the app first, just to make sure you didn’t install it yourself and forget about it.
You may also want to consider completely uninstalling the browser and then reinstalling it. But if you sync all your browser settings, take care not to accidentally reinstall the malicious extension.
Check system permissions in Privacy & Security
Go to System Settings, then to Privacy & Security and review which apps have access to sensitive functionality, like your camera, microphone, files, or even automation features. If you see anything suspicious or unknown, it could be a sign of malware attempting to gain extra control over your MacBook.
Check your installed apps in Finder
In addition to browser extensions, apps are another popular malware delivery system. They can come from dishonest developers, or malware may be secretly bundled with legitimate software. It then installs itself in the background.
Check your Applications folder to see if there’s anything that screams malware.
Does Mac have a built-in virus protection scanner?
It’s worth remembering that macOS has its own built-in virus scanner. XProtect comes standard with every Mac. You don’t even have to enable anything or configure any settings. It scans your Mac for malware from the get-go automatically.
XProtect pulls its definitions from a signature database maintained and frequently updated by Apple, and it does a great job. However, XProtect may not catch everything, so having Moonlock as an insurance policy is a smart move.
Safeguarding your Mac from malware threats
As the saying goes, an ounce of prevention is worth a pound of cure. In other words, try not to have a malware problem at all by being proactive with your computer hygiene.
Install all macOS and app updates
Apple is good at providing timely updates to address known security vulnerabilities. But all they can do is provide them. It’s up to you to install them quickly.
New updates are usually time-sensitive. The hole needs to be plugged before criminals can exploit it. So, the longer you delay the updates, the more opportunity you’re providing cyber attackers.
Use Moonlock to detect malware and stay protected
Moonlock will fill in the gaps that Apple’s XProtect might miss. It is specifically designed for Mac and works seamlessly with macOS. You get these features with Moonlock:
- Malware Scanner: Runs quick or deep scans to find malware or other malicious files
- Real-Time Protection: A 24/7 shield that neutralizes any threats as they try to access the Mac
- Quarantine: Where neutralized threats are kept so they can’t damage the device
- Network Inspector & VPN: Protects your online traffic by hiding your IP and blocking any suspect connections
- System Protection and Security Advisor: Improves your Mac’s security and settings and gives hints and tips on how to build good habits
Protection has never felt so simple, so get a free trial of Moonlock and never have to worry about malware again.
Only use software in the App Store and from trusted developers
People sometimes complain about being shepherded to the Apple App Store to buy software there instead of through their preferred platform. But those same people forget that Apple is doing you a solid favor. The company is vetting and scanning those apps for threats — and blocking the problematic ones.
So, by limiting your software downloads to the App Store, you’re protecting yourself from the worst of the malware and decreasing your risk level considerably.
There are, of course, trusted third-party developers, such as MacPaw and Moonlock, that you can use. The major companies are generally trustworthy, but when it comes to smaller and lesser-known companies, use the App Store instead. Avoid cracked or pirated software, as these often contain malware and pose a serious security risk to your Mac.
Keep an eye on system performance
If you start to notice your Mac’s performance slowing down, the device heating up, or the battery lasting significantly shorter than usual, there is a possibility that malware could be affecting your system performance. Spyware and cryptominers can also be deployed in the background on your machine to consume your power and resources.
Moonlight’s System Protection is designed to improve your system’s security settings to make sure that it is as hard as possible for any of these malicious files to enter your Mac. It will point out weak spots and guide you toward better default settings, making sure that your Mac is secure and running at optimal performance.
Check your Mac with System Protection in Moonlock today to keep your Mac protected and performing!
Only visit HTTPS websites
Google did everyone a favor when they decided to prioritize sites with HTTPS security certificates. This had the effect of not only pushing malicious websites into the black hole of Google search results but also highlighting the dangers of normal HTTP websites.
That said, not every HTTPS website is automatically safe. Hackers can use fake security certificates to provide the illusion of safety and security. But, on the whole, HTTPS is much safer than HTTP. Simply look at the URL bar. Is there a padlock icon and HTTPS? Then you’re likely on a safe site.
Many browsers will actively block you from going to non-HTTPS websites. You can choose to ignore the warnings and override the blocks, but we advise against this.
Checking for malware on a Mac is something that should become second nature for every MacBook owner. Never be complacent or assume it could never happen to you.
Cyberattacks happen to everyone eventually. The only factor you can control is how quickly it’s stopped and, hopefully, destroyed. If you have Moonlock, that process will be quick, painless, and efficient.
This is an independent publication, and it has not been authorized, sponsored, or otherwise approved by Apple Inc. Mac, MacBook, and macOS are trademarks of Apple Inc.
