Poll about anti-virus software used in 2025

I’ve had Malwarebytes catch a couple of things over the years on mine and client machines.

In general, the few and far between infections I’ve seen have been browser-based JavaScript attacks where they take over the screen and frighten you into calling a number for help and then chaos ensues if you take the bait. Multiple instances of this over the past 10 years.

As for low level, root kit-like attacks I can’t remember the last time I’ve seen one – maybe the early 2000s?

Dave

2 Likes

If you were to have a poll I would like for you to add questions that answer some of this. Obviously you would be able to word them better than me.

• Have you had an infection of any kind ever? Since maybe 2000?
• Have you had an infection in the last year? (2 years?)
• How did it arrive in your computer? Web, software installer, other?
• What did it do? A question to be answered in the discussion maybe?

As a sysadmin back in the 1990s we had a jpg-eating virus that could have been a big thing since all our production at the printing plant was based on jpg. However, as far as I remember, it was isolated to one or two Macs.

On a test Mac back in 2012 or 2013, where I downloaded software for testing and distribution, I got malware when installing a new version of FileZilla. The malware replaced Google as the search platform. I found a way to get FileZilla upgrades without the malware.

I am not using any antivirus software.

I asked an AI for common Infection Methods

  1. Downloaded software from untrustworthy websites
  2. Email attachments or links
  3. Phishing scams (emails or messages pretending to be legitimate)
  4. Fake software updates or system alerts
  5. Visiting malicious websites (drive-by downloads)
  6. Infected external storage devices (USB drives, external hard drives)
  7. Pirated software or “cracked” applications
  8. Malicious browser extensions or add-ons
  9. Social media scams and malicious links
  10. Fake security software or “scareware”

Less Common Methods

  1. Peer-to-peer (P2P) file sharing networks
  2. Network vulnerabilities
  3. Remote access exploits
  4. Bundled with legitimate software (software bundling)
  5. Through unsecured Wi-Fi networks
  6. Malvertisements (malicious advertisements)
  7. Compromised legitimate software downloads
  8. Instant messaging apps
  9. Physical access to the computer
  10. Java or Flash vulnerabilities

1 Like

If you’re running anti-virus software then the question would be if you have evidence that it is stopping an infection. I know mine has, it is in the log.

2 Likes

Not a direct response to what we use, but could contribute to thinking on need.

1 Like

I’ve occasionally been harassed by this nonsense. Most of the time, my ad-blocking software blocks those scripts, which typically get distributed either via ad networks or by domain squatters (who register expired domains to hijack old URLs) and typo-squatters.

Incidentally, I just discovered that Apple has registered aple.com and appl.com. They redirect to apple.com. I assume this was done to prevent the most common typosquatting.

I would have to say “Never”. I don’t run any kind of background scanner on my Mac (beyond whatever Apple pre-installs), and my work computer (running Windows) has the company’s security suite (currently ZScaler and Crowdstrike).

The only time I ever got a malware infection was back in the late 90’s. I had a laptop running Windows 95. I got the infection from Microsoft’s own server. The installation of McAfee detected it, but didn’t seem to be able to block or remove it. I wiped the hard drive, performed a clean reinstall of Windows from CDs, and installed McAfee, which scanned everything clean. Then I went to Windows Update, and immediately got infected again.

When I reported it to Microsoft, they replied with a BS answer that their servers are perfectly clean and I must have gotten infected from someone else. Which is about when I wrote off Microsoft corporation as a useless gang of idiots. I still stand by that opinion today (along with lots more companies, who have proven themselves to be incompetent in all kinds of different ways).

4 Likes

Yet just about every casual Macintosh user that I’ve met thinks that it is.

By the way, I, personally, have the full commercial version of VirusBarrier installed. I settled on VirusBarrier because it consistently wins all of the believable anti-virus shootouts that I’ve seen published. I’ve been using it for about 20 years. I use AV software, not because I think that I need it (I don’t think that I need it), but because my work requires it. In all that time, my AV software has never flagged anything that I actually needed to be protected from. It has picked up the odd Windows virus email attachment (those are easy to just spot and trash; they don’t run on the Mac), it has warned me about phishing scams (those seem to always be easy to spot myself), etc. But at least it has never slowed down my Mac.

I just want to say, to make sure that nobody interprets my comments incorrectly, that I haven’t ever recommended MWB as a sole line of defense and I haven’t ever regarded it as a comprehensive security solution. There are, of course, people who view MWB differently than I do and use it differently than I do. But I’m not a proponent of not having a multifaceted security plan if one has sensitive or irreplaceable data to protect.

1 Like

Intego NetBarrier and VirusBarrier.

BlockBlock is bearable and meaningful esp. for laptops. This is just pre-emptive though and not by itself finding or stopping any virus.

What I was trying to say about spam filters and virus protection was if some malware is propagated via email (including attachments) that could be blocked by a spam filter. I have a hazy recollection that some early malware was carried by attachments, but can’t remember any details.

1 Like

I want to mention VirusTotal as a good tool for security. If you receive something suspicious, including files and anything with a URL, you can upload it to VT and get results spanning almost 100 different file scanners and blocklists.

FWIW, for prevention, there’s a suite of donationware products at https://objective-see.org/ including LuLu, Do Not Disturb, KnockKnock, ReiKey, BlockBlock, RandomWhere, and OverSight, which I strongly recommend.

You inspired me to look at ClamXav, which is now $30/year… so I am downloading clamav for Mac, which is open source.

3 Likes