For years, Apple users haven't worried about malware. Does that make OS X secure?

“Wait—what? International crime syndicates can’t have all my personal financial information! They just can’t! I have a MacBook Air. Apple products don’t get malware. Everyone knows that.”

Does this sound familiar?


While Apple has never outright said that its devices and software were immune to malware, it has allowed this idea to perpetuate for decades, to the point that many people take it for fact. However, this couldn’t be farther from the truth; in fact, Apple malware is almost as old as Apple itself!

The first Apple malware was the Elk Cloner virus back in 1981. Written by a 15 year old, it was capable of infecting the boot sector of Apple II computers, which would really get in the way of playing a solid game of Oregon Trail!

Yet, where early malware was relatively timid, today’s efforts are the products of organized cybercriminals who attack machines globally for profit. In 2011, it was discovered that the Flashback Trojan was exploiting a Mac OS X security flaw in Java, and by 2012 had infected roughly 600,000 Macs, forming a botnet stretching across the globe—even in Cupertino, the home of Apple’s headquarters.

So, why does this myth about Apple’s malware invincibility pervade our consciousness? One reason is that by volume, the amount of Apple malware to date is very small in comparison with the threats to Windows and Android. Additionally, the “walled-garden” approach to the App Store is another safeguard to prevent malware.

However, where there’s a will, there’s a way, and just because Apple products have not been targets doesn’t preclude them from being susceptible. In fact, in 2012, Apple eased their official statement on the matter, moving away from the idea that it is invincible to merely “built to be safe.”

Also, there is some confusion over the terms “virus” and “malware,” with many in the general public using the two interchangeably. And while it is true that Apple products, by design, offer some greater security against viruses, they are just as susceptible as other computers to malware, which is as great of a security threat today.

To that end, would a Mac user even know if their machine had been infected with malware? Antivirus and antimalware software for Apple products has had a rather small adoption rate among the users, and because of this, there is far less visibility on the threats out there. To make matters worse, Apple actively does its part to discourage AV products for a variety of business reasons. As recently as March 2015, it had begun removing all antivirus apps from its iOS App Store even while security expert Eugene Kaspersky has warned that there is potential for iOS to be a vulnerable target.

Apple security threats will continue to be a hot-button issue, and with the popularity of the company in seemingly perpetual growth, there’s a good chance that malware attacks will only increase. So, if you are an Apple user, should you have malware protection? Yes. But, always remember it doesn’t take sophisticated software to be the victim of a security threat; there are elaborate social engineering scams that target users of all operating systems.

Of course, nowadays, your Apple Watch can just be reset, too.

See also:

How are you managing your clients' Apple devices?