Anti-Malware for the Mac OSX?
May 2, 2011 2:38 PM   Subscribe

Do good anti-malware tools exist for Mac OSX?

I recently found out about MACDefender malware that specifically targets Mac OSX. Personally I try to follow best-practices by using a non-admin account and browsing without the "install safe apps" option, so I'm not that worried about this affecting me.

However, a part of me suspects that this eventually might not be enough. I'm a bit concerned by the reports posted here (macrumors url) about the malware bypassing prompts for passwords. The article at http://isc.sans.edu/diary.html?storyid=10813 mentions investing in a good anti-malware suite. Does this actually exist, or was the article more of a form-letter designed from past Windows exploits?
posted by CancerMan to Computers & Internet (13 answers total) 4 users marked this as a favorite
 
The only one I've ever used is ClamXav. I mostly use it to scan mail files for Windows malware.
posted by tommasz at 3:17 PM on May 2, 2011 [1 favorite]


I also use ClamXav w/ClamXav Sentry. You can set it to scan any folder on your Mac. I use it to scan email, as well as the designated Downloads folder for browser downloads.
posted by Thorzdad at 3:57 PM on May 2, 2011 [1 favorite]


Been using Macs since they were called Apple II's and have not used AV or anti-malware software at all. Don't plan to unless this isolated incident turns out to be not so isolated and maybe not even then.

From what I understand about the current threat level and this latest threat, the Mac user needs to give permission for the software to install still. No permission = no install = no threat.

So, if a pop up pops up saying it needs to install something you didn't choose to install, don't give it permission. Simple.

As you say, eventually this may not be enough but eventually is still a ways off.
posted by fenriq at 4:13 PM on May 2, 2011 [1 favorite]


Keep in mind that all of the OSX-era Macintosh exploits have (to the best of my knowledge) all been more proof-of-concept than anything else, and frequently attached to press releases for Mac antivirus software.

That said...although your Mac itself should probably be safe, it is probably good manners to have some kind of antivirus running at least on your email.

Kaspersky is pretty awesome for the Windows side of things (my sysadmin friends swear by it), and they have a Macintosh port that is not terribly expensive.

http://usa.kaspersky.com/
posted by ivan ivanych samovar at 4:19 PM on May 2, 2011


Some of the exploits get through Safari's propensity to trust things it downloads, and Safari's use of OS X services allows those trusted downloads to do things they shouldn't. As much as I like Safari, Firefox and Chrome provide safer browsing.
posted by Blazecock Pileon at 4:41 PM on May 2, 2011


Intego's Internet Security Barrier is a very comprehensive suite that includes antivirus, malware, firewall...

I've used other products from Intego in the past, and have found them quite robust, and easy to use.
posted by theKik at 4:46 PM on May 2, 2011


Integro has "VirusBarrier Plus" on sale in the Mac App Store (8 bucks) I was checking it out today. Integro's website makes little mention of their App Store versions, probably because they make a lot less money.
posted by chairface at 5:13 PM on May 2, 2011


No permission = no install = no threat.

Until I install an app I think is trustworthy, but isn't. I don't use any malware detection either, so for all I know this has already happened to me.
posted by obiwanwasabi at 7:19 PM on May 2, 2011


If you're not afraid of the command line, you could use chkrootkit.
posted by wayland at 8:57 PM on May 2, 2011


I did help desk at a large University recently and we used the Sophos anti-virus product on the Macs. It seemed to work pretty well, wasn't too CPU intensive and during my tenure it did catch several viruses from various downloads.
posted by Poet_Lariat at 10:01 PM on May 2, 2011


Seconding Intego VB6. You get a robust firewall as well. There are differences between the App store product and the full product.
posted by PickeringPete at 6:45 AM on May 3, 2011


I think ClamXav is a good suggestion. Thanks! The idea about preventing malware from spreading to others is something I never really considered.

chkrootkit is something of interest to me, too. If there are other alternatives, I will check those out, as well.
posted by CancerMan at 1:01 PM on May 3, 2011


In case anyone checks on this, Apple announced a new security update and instructions on how to avoid/remove the malware.

http://support.apple.com/kb/HT4650
posted by CancerMan at 2:08 PM on May 25, 2011


« Older Apple-Shift-3 not working and Rory is sad :-(   |   sing me a song, you're a singer Newer »
This thread is closed to new comments.