{{Short description|Computer program that affects macOS platform}} {{lowercase title}} '''macOS malware''' includes viruses, trojan horses, worms and other types of malware that affect macOS, Apple's current operating system for Macintosh computers. macOS (previously Mac OS X and OS X) is said to rarely suffer malware or virus attacks,<ref name=macworld/> and has been considered less vulnerable than Windows.<ref name=bgr/> There is a frequent release of system software updates to resolve vulnerabilities. Utilities are also available to find and remove malware.<ref name=macworld>{{cite web|url= https://www.macworld.co.uk/how-to/mac-software/how-remove-mac-malware-for-free-viruses-keranger-3594625/ |title=Mac OS X Malware details|accessdate=2015-03-12}}</ref>

== History == Early examples of macOS malware include MP3Concept (discovered 2004, a benign proof of concept for a trojan horse), Leap (discovered in 2006, also known as Oompa-Loompa) and RSPlug (discovered in 2007).

An application called MacSweeper (2009) misled users about malware threats in order to take their credit card details.

The trojan MacDefender (2011) used a similar tactic, combined with displaying popups.

In 2012, a worm known as Flashback appeared. Initially, it infected computers through fake Adobe Flash Player install prompts, but it later exploited a vulnerability in Java to install itself without user intervention. The malware forced Oracle and Apple to release bug fixes for Java to remove the vulnerability.

Bit9 and Carbon Black reported at the end of 2015 that Mac malware had been more prolific that year than ever before, including:<ref name=bgr>{{cite web|url =https://bgr.com/2015/10/21/mac-malware-increase-2015/ |title=2015 Mac OS X Malware|date=22 October 2015 |accessdate=2016-03-21}}</ref> * Lamadai – Java vulnerability<ref>{{cite web|url =https://www.welivesecurity.com/2012/03/28/osxlamadai-a-the-mac-payload/ |title= Lamadai Mac Operating System Attack |date= 28 March 2012 |accessdate=2016-03-21}}</ref> * Appetite – Trojan horse targeting government organizations * Coin Thief – Stole bitcoin login credentials through cracked Angry Birds applications

A trojan known as Keydnap first appeared in 2016, which placed a backdoor on victims' computers.

Adware is also a problem on the Mac, with software like Genieo, which was released in 2009, inserting ads into webpages and changing users' homepage and search engine.

Malware has also been spread on Macs through Microsoft Word macros.

=== Ransomware === In March 2016 Apple shut down the first ransomware attack targeted against Mac users, encrypting the users' confidential information.<ref>{{cite web| url =https://www.cnbc.com/2016/03/07/apple-mac-users-targeted-by-first-full-ransomware-attack.html | title= Mac OS X Attack March 2016 | website= CNBC |accessdate=2016-03-07}}</ref> It was known as KeRanger. After encrypting the victim’s files, KeRanger demanded a payment of one Bitcoin (approximately US$400 at the time) in order to restore access to them.<ref>{{cite web | url= http://www.computerworld.com/article/3041082/security/apple-shuts-down-first-ever-ransomware-attack-against-mac-users.html | title= Apple Shuts down First ever ransomware | date= 6 March 2016 | accessdate= 2016-03-07 | archive-date= 2016-03-08 | archive-url= https://web.archive.org/web/20160308124539/http://www.computerworld.com/article/3041082/security/apple-shuts-down-first-ever-ransomware-attack-against-mac-users.html | url-status= dead }}</ref>

== Mitigation == Gatekeeper is a built-in security feature of macOS meant to reduce malware execution by verifiying downloaded applications before they are launched for the first time.

MacOS 12.3 introduced XProtect Remediator,<ref>{{Cite web |date= 30 August 2022 |title=macOS now scans for malware whenever it gets a chance |url=https://eclecticlight.co/2022/08/30/macos-now-scans-for-malware-whenever-it-gets-a-chance/ |access-date=2023-07-04 |language=en}}</ref> a tool which regularly scans the system for known malware.

==References== {{Reflist}}

{{Malware}} {{Software distribution}}

Category:MacOS malware Category:Malware by platform

{{malware-stub}}