Macs cannot get viruses

What we know

The belief that Macs are immune to malware originates from the early 2000s when macOS had a small market share and attackers focused on Windows. As Mac market share grew, so did targeted attacks. The Flashback Trojan in 2012 infected over 600,000 Macs. KeRanger in 2016 was the first fully functional Mac ransomware distributed in the wild. Shlayer adware, documented by Kaspersky and Malwarebytes, at its peak was detected on approximately 30 percent of all Macs protected by their software.

Apple maintains XProtect, a built-in malware detection system that uses YARA signatures to detect known malware. As of late 2024, XProtect contained over 328 detection rules - strong evidence from Apple's own engineering that Mac malware is a real and ongoing concern. macOS also includes Gatekeeper, which checks code signatures, and notarization requirements for apps distributed outside the App Store.

More recent threats include HVNC (Hidden Virtual Network Computing) remote access trojans that allow attackers covert control of a Mac, and information stealers targeting macOS that harvest browser credentials and cryptocurrency wallets. The correct statement is that Macs have historically faced fewer attacks than Windows systems due to market share and architecture differences, but they are not immune.

Common claims

• Macs cannot get viruses or malwareFalse. Multiple documented malware families have targeted macOS, including Flashback, KeRanger, Shlayer, and HVNC RATs.
• Macs are inherently more secure than WindowsPartially true. macOS has architectural security features, but lower market share was historically the primary factor in fewer attacks.
• Mac users do not need antivirus softwareContested. Apple provides XProtect and Gatekeeper, but third-party security software provides additional layers of detection.

Evidence hierarchy

All sources

• Can Macs Get Viruses?Intego Mac Security Blog · 2024
• XProtect Ascendant: macOS Security in 2024Eclectic Light Company · 2024

Related terms