The Best Security Software for Macs

by Robert E. Calem on October 16, 2012
in Computers and Software, News, Computer Safety & Support, Blog :: 17 comments

Techlicious editors independently review products. To help support our mission, we may earn affiliate commissions from links contained on this page.

frustrated man with laptop One supposed advantage of Apple Mac computers over their Microsoft Windows-based competitors is the Macs' renowned immunity to viruses and other malware spread by cyber-criminals. But in fact Macs are not immune to such threats and users would benefit from using the same sort of anti-virus software commonly installed on Windows PCs. Early this year, more than half a million Macs were infected by a virus named Flashback-Botnet––a small infestation compared to the total Mac population, to be sure, but a warning shot to all Mac users nonetheless.

Finding and choosing the best Mac-oriented anti-virus program can be difficult, though, especially for novices.

So AV-Comparatives, an Austrian non-profit organization that specializes in testing anti-virus software, has done the work for you––last month testing the latest versions of seven Mac anti-virus apps on 2011 and 2012 sample computers.

The goal was to see if the software would detect 477 instances of malware belonging to the Flashback and FakeAlert families, and also to test for false-positive returns on "the machine of a real-life Mac power user" with approximately 500 gigabytes of data on his machine, AV-Comparatives says in its report released this month.

Here are the key findings:

The best three Mac anti-virus programs, which earned scores of 100 percent and shared the first-place ranking, are avast! Free Antivirus for Mac 7.0, AVIRA Free Mac Security 1.0 and ZeoBit MacKeeper 2012 ($40).
Kaspersky Security for Mac 13.0.2.458 ($40) ranked second with a score of 98.5 percent.
ESET Cyber Security Pro 5.0 ranked third with a score of 96.9 percent.
F-Secure Anti-Virus for Mac B11291.C105 ($40) ranked fourth with a score of 90.6 percent.
eScan Anti-Virus for Mac 5.5-5 ($30) rounded out the rankings in fifth place with a score of 83.4 percent.

None of the apps returned a false-positive result, AV-Comparatives says, adding, "The products we have tested here all do their jobs adequately."

All earn the organization's Approved Award.

Nevertheless, AV-Comparatives also notes, most of these Mac anti-virus apps are not as comprehensive as similar programs designed for Windows computers, and some offer only very basic protection.

Read the full report on AV-Comparatives.

Discussion

Mac Security Software

From TAMMY on October 18, 2012 :: 11:18 am

When I brought my Mac in to the apple store and inquired about security software they insisted I did not need it. The even went so far to say if I did get a virus they would take care of it no charge!

What about Sophos and ClamXav

From Uncle_al on October 18, 2012 :: 2:44 pm

When security is in question, it is easy to say that it is not serious unless you are the one with the virus. Instead of 600,000, it was almost 675,000 systems, with respect to the number Apples on the Internet, that was a factor commensurate to the Conficker worm on Windows a few years back.
The Flashback botnet fiasco was avoidable except for the lack of concern on the part of Apple to protect their clientele. Apple failed to release an update for Java for more than 90 days that would have curtailed the exploit. The same lack of concern permeates Apple users so it is likely that many would not have applied the update, anyway. Another serious security fail.
Apple now has another similar situation, a 45 days old Java exploit that Apple has not patched. They received the 30 fixes from Oracle on or before 16 OCT and have not released a fix.
As for Tammy, if you can prove that the Apple genius told you now to be concerned, you have consumer rights, which you may want to exercise.
Sophos and ClamXav are a couple of several free AV solutions with Sophos being as good if not better than some of the Paid For Solutions you mentioned. Choosing a security solution based on price is a serious error.

I Got Scammed!

From ricia on October 18, 2012 :: 7:45 pm

Got scammed! I read your article and clicked on avast. They said I needed to clean my computer first and ran a scan to see how important this was which convinced me to buy their cleaning unit CleanUpMyMac for $39.95. AFTER buying it I Googled it and found many many people saying DON"T buy this, I ruined my computer,

etc…etc. I am now working with Pay Pal to get rid of the charges.

You must have downloaded the wrong program

From Josh Kirschner on October 19, 2012 :: 7:47 am

Hi Ricia,

Sorry for your troubles, but you must have downloaded the wrong thing. “CleanUpMyMac” has nothing to do with Avast and there should never be a need to download a “cleaning” program to use antivirus software.

What is the name of the company that billed you on PayPal?

Avast

From David on October 18, 2012 :: 11:03 pm

In response to Ricia’s comment, if you are going to recommend something, then don’t take someone else’s word for it. Try it out, especially as your site is meant to be to help those of us who are groping our way through an ever accelerating technological age!

I Wouldn't Trust The Cited Study

From Randy B. Singer on October 19, 2012 :: 6:01 am

This is a somewhat controversial topic.

Two things that lead me to immediately discount the study that the article cites is that first, they highly rank MacKeeper, which has a horrible reputation among Mac users, some of which go so far as to call it “malware.”. See:
<http://applehelpwriter.com/2011/09/21/how-to-uninstall-mackeeper-malware>
<http://www.reedcorner.net/news.php/?p=245>

and the study doesn’t mention Intego’s Virus Barrier at all, which is the AV program that consistently comes out on top of Macworld magazine’s comparison tests.

I’ve seen a number of reports from “security experts” on Mac security recently, and the problem with them all is that now that the Macintosh is selling in huge numbers the Mac world is seeing an influx of Windows “experts” who don’t really understand the Macintosh and who have no qualms about stirring up needless paranoia among Mac users.

Another problem is that these “security experts” suffer from the “to a hammer every problem looks like a nail” syndrome. That is, security experts see a huge threat wherever they look. Even where there isn’t a huge threat.

I’d recommend that Mac users interested in the topic of malware have a look at:

Macintosh Malware Guide
http://www.reedcorner.net/mmg/
(which is written by someone whom I trust, as he is an actual Mac user, he isn’t trying to sell AV software, and he isn’t in the “security field”)

There is an associated comprehensive list of all of the malware for Mac OS X, which is kept meticulously updated, here:
http://www.reedcorner.net/mmg-catalog/
On the far left of this list each piece of malware is rated for its
current “threat level.” You can decide for yourself, what they overall threat level is.

___________________________________________

Randy B. Singer
Attorney at Law

Author of: The Macintosh Software Guide for the Law Office

Webmaster of: The Macintosh Law Office Software List
http://www.macattorney.com

Publisher of: The MacAttorney Newsletter
___________________________________________

Hi Randy,Thank you for the

From Josh Kirschner on October 19, 2012 :: 9:00 am

Hi Randy,

Thank you for the thoughtful response and helpful links. We wish AV-Comparatives had included other providers, like Intego and Sophos. That doesn’t invalidate the results from the programs they did test, however.

While Mackeeper has gotten a bad reputation from Internet commentators (mostly around their advertising policies), the actual results from testers has been positive. In fact, MacWorld included them as one of their “Gems” in 2010. There’s also a very interesting article on Cult of Mac which suggests that much of the criticism of Mackeeper is largely unwarranted: http://www.cultofmac.com/170522/is-mackeeper-really-a-scam/

We also face the issue in our anti-malware recommendations (both for Mac and PC) of determining which is the best solution TODAY. Programs that did not perform well two years ago may be excellent now and vice versa, so we put far more weight in recent testing. (BTW, I can’t find the Macworld comparison test you mention. If you have that link, please forward)

From a philosophical perspective, we take the position that while malware threats are still not common on Macs, the risks should you get one could be significant - from complete loss of data to theft of credit card or financial information. Therefore, we strongly recommend AV protection to Mac users (in the same way we would recommend health insurance, even if you’re young and healthy).

Some (e.g., reedcorner.com) take the position that, as long as you’re careful, malmare isn’t an issue for Mac. We disagree with this for two compelling reasons: 1) People often aren’t careful where they go on the Internet or what they download, or they don’t have the technical sophistication to determine a valid site from a non-valid one. I consider myself pretty savvy on security but, on rare occasion, I’ve clicked on scam or phishing links, myself. 2) There’s no guarantee that future malware won’t be able to take advantage of a security hole that bypasses user interaction.

Best,
Josh

Rogue parasites

From Uncle_al on October 19, 2012 :: 8:11 am

Actually, Ricia, you may have installed the AntiVir Rogue FakeAlert Parasite. Criminals are lurking on the Internet to take advantage of people looking for an antimalware solution because of an issue they may be experiencing. That particular Rogue has been roaming for 4 years and is socially engineered to make victims out of those with a legitimate need.

Rogues pretend to scan a system and find faked “infections” thereon, intimidating the user to buy their software to remove the “malware”. In many instances, the only malware on the system is the Rogue, itself.

The SECRET to procuring any legitimate anti-malware is to get it from the actual Vendor site. Get Microsoft software from Microsoft, Apple software from Apple and Avira software from avira.com. At this point, your computer may be re-directed to other sites, though.

If you need assistance removing malware, I will attempt to do so for free. You may contact me here: http://unc61.pbworks.com/w/contact-owner

>>From a philosophical perspective, we

From Randy Singer on October 19, 2012 :: 12:58 pm

>>From a philosophical perspective, we take the position that while
>>malware threats are still not common on Macs, the risks should
>>you get one could be significant

Windows bigots have been espousing the “any day now Macs will have significant numbers of very malicious viruses” theory since the introduction of OS X…over a decade ago. It still hasn’t happened and there is no good indication that it will happen anytime soon.

Meanwhile, anyone who is very active in the Macintosh community knows that there are still no actual Mac viruses (defined as self-propagating malware), and that the overwhelming majority of Macintosh users don’t use any sort of AV software, yet if you frequent Macintosh discussion lists (as I do), or Mac user groups (as I do), you would know that it is impossible to find anyone who has contracted any Mac malware while running OS X (Windows viruses that can’t run on Macs don’t count), even the recent Flashback scare that the press was so excited about.

“Security experts” love to spread what we in the Mac community call “FUD” (fear, uncertainty and doubt.) It’s their job. And, frankly…it’s not very nice of them.

I hear from Mac users constantly who have AV software installed, and who are beset with vexing software conflicts. This article is a few years old, and somewhat out of date, but the concept is still quite valid:
Mac OS X anti-virus software: More trouble than it’s worth? | MacFixIt - CNET Reviews

Your article doesn’t even mention that Apple very quietly has added its own anti-virus software to OS X:
XProtect/File Quarantine
http://en.wikipedia.org/wiki/Xprotect
http://support.apple.com/kb/HT3662

or that Macintosh browsers (even those from most third parties), now include software that automatically protects you from malicious Web sites.
Safari, Firefox and Chrome all have Google’s “Safe Browsing” technology built-in.
So, unless a Mac user either has an old browser, or for some reason they have turned this feature off (or ignored its warnings), Mac users are protected from poisoned Web sites, drive-by downloads, and phishing sites.
http://www.macworld.com/article/137094/2008/11/safari_safe_browsing.html

The press loves to play up any vulnerabilities that Apple’s historically secure products might exhibit. But their sensationalism ignores the truth:

Major overhaul makes OS X Lion king of security
http://www.theregister.co.uk/2011/07/21/mac_os_x_lion_security/
http://reviews.cnet.com/8301-13727_7-10331147-263.html

I’m not completely against using AV software. I run AV software myself because my business requires that I follow “best practices.” However, I can tell you that it has never protected me from anything that I needed protecting from.

AV software for the Macintosh, for now, is a waste of money and a potential source of problems. When there is actually a real threat out there that actual Mac users (not just theoretical numbers of Mac users in Russia or somewhere in Asia) are encountering, then Mac users might want to consider running out and getting AV software, and only then might the benefits outweigh the risks.

___________________________________________

Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)

Macintosh OS X Routine Maintenance
http://www.macattorney.com/ts.html
___________________________________________

Agree, fear is unwarranted. Uncertainty

From Josh Kirschner on October 19, 2012 :: 3:02 pm

Agree, fear is unwarranted. Uncertainty and doubt are not.

The argument of “Windows bigots” (which I guess is the opposite of Apple Fanboys) has always been that the lack of exploits on Mac had far more to do with limited market share than inherent security qualities. It’s only in the last couple of years as Apple’s marketshare has risen above 10% in the U.S. (still far smaller outside the U.S.) that we’ve started to see an increase in Mac exploits. As Apple’s share continues to rise, the pace and severity of exploits will rise as well:
http://www.wired.com/gadgetlab/2012/04/attacks-mac-security-risks/

It’s also important to note that the well-publicized incidents this year all occurred well after the release of OS X Lion, and new exploits continue to show up:
http://www.forbes.com/sites/andygreenberg/2012/10/08/human-rights-groups-report-a-surge-in-highly-targeted-malware-for-macs/
http://www.cultofmac.com/188296/new-mac-malware-steals-all-the-passwords-you-enter-into-your-browser-logs-your-keystrokes/

In fact, the rate of reported exploits is INCREASING despite the improvements to Mac security over the last couple of years. Is it at Windows levels? Not even close. Will it get continually worse as Apple’s share increases? I’ll bet my Macbook Air on it.

BTW, Flashback was a drive-by download.

Missing URL

From Randy Singer on October 19, 2012 :: 2:51 pm

The URL to this article was missing from my last post:

Mac OS X anti-virus software: More trouble than it’s worth? | MacFixIt - CNET Reviews

http://reviews.cnet.com/8301-13727_7-10331147-263.html

___________________________________________

Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)

Macintosh OS X Routine Maintenance
http://www.macattorney.com/ts.html
___________________________________________

WOLF!

From Randy Singer on October 19, 2012 :: 3:55 pm

>> The argument of “Windows bigots” (which I guess is the
>> opposite of Apple Fanboys) has always been that the lack of
>> exploits on Mac had far more to do with limited market share
>> than inherent security qualities.

Yes, and that’s an inherently bigoted position which doesn’t stand up to logical scrutiny.

If, let’s say the Macintosh only has 10% market share…then why doesn’t it have 10% as many viruses as Windows? Or even 1%? Why does Windows have over a million viruses:
http://news.bbc.co.uk/2/hi/technology/7340315.stm
and as many as 95,000 new threats for Windows *every day*!!!
http://www.sophos.com/security/topic/security-threat-report-2011.html
While there is only a tiny handful of very rare malware for the Macintosh, none of which is a big threat?:
http://www.reedcorner.net/mmg-catalog/

The answer is simple: the Macintosh is much harder to write Malware for than Windows.

Article: Is Windows inherently more vulnerable to malware attacks than OS X?
http://weblog.infoworld.com/enterprisemac/archives/2006/08/is_windows_inhe.html

Experts: OS X now much more secure than rivals
http://www.macnn.com/articles/11/07/23/leapfrogs.windows.7.linux.but.still.not.perfect/

See post from “Munkery” regarding Mac security:
http://forums.macrumors.com/showthread.php?p=15125414#post15125414

Folks might enjoy these articles on this topic:
Broken Windows
http://daringfireball.net/2004/06/broken_windows

So Witty (followup to Broken Windows)
http://daringfireball.net/2004/06/so_witty

It’s true that China has been putting its might behind a concerted campaign to create malware specifically targeted at Tibetan advocacy groups. But even that isn’t anything like a deluge. And with each one of those attacks, Apple consequently hardens the OS. I don’t see any more reason to believe that there is a deluge of malware attacks coming now than 10 years ago when folks like yourself said that they would be coming “real soon now” and that we should be “really concerned.”

Here’s a fun article about how the press has been crying “wolf” about Mac malware for a decade:

Wolf!
http://daringfireball.net/2011/05/wolf

I think that folks have enough information to make up their own minds. I hope that no Mac users allow themselves to be mislead, and submit to paranoia about a problem that is huge in the Windows world, and just about nonexistent in the Mac world. (It is, after all, one of the big reasons Mac users use Macs…)

___________________________________________

Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)

Macintosh OS X Routine Maintenance
http://www.macattorney.com/ts.html
___________________________________________

Not going to post

From Randy Singer on October 19, 2012 :: 5:04 pm

Not going to post my last message?

Not sure why, but your

From Josh Kirschner on October 19, 2012 :: 5:19 pm

Not sure why, but your messages keep getting flagged as spam in our system, so I actually need to go in and manually approve each one which takes a little bit of time. This short one didn’t, so it may have to do with the signature section and link you’re adding at the bottom.

We appreciate healthy discussions on these topics and would only remove valid posts under exceptional circumstances.

Bad study

From Thomas Reed on December 12, 2012 :: 8:53 pm

I don’t believe the AV-Comparitives study was at all valid. They say they tested with 477 samples of Flashback and FakeAlert, but there are not actually 477 discrete samples of these two malware programs. Most of those must have been duplicates.

These are also two of the most prevalent pieces of Mac malware in existence, so most AV software will catch them. In addition, both of these families of malware were both extinct by the time the study was published.

I recently tested some of these products against a wider range of malware (51 samples of 19 different malware families), and got VERY different results:

http://www.reedcorner.net/mac-anti-virus-detection-rates/

I’m planning to test again at the beginning of next year, with an expanded list of samples (I’m up to over 100 now), representing more families, and testing more AV products.

Thank you for the post

From Josh Kirschner on December 12, 2012 :: 11:08 pm

Hi Thomas,

While we didn’t put great weight in the AV-Comparatives study, it was notable in being the first study we’re aware of that actually attempted to test and compare Mac AV programs.

Your study is far more comprehensive and is immensely helpful. I’m disappointed that most of the players performed so poorly, including those that usually are at the top of our Windows recommendations. My guess is that they just aren’t putting the resources behind a product for which there is still very little market demand - that’s a reason, but not an excuse.

A couple of comments on your test write-up: if you could include Webroot SecureAnywhere, we would be interested in how it performs. It is our current pick for Mac AV software based on results from PC Mag. Also, the version of Kaspersky you tested is the enterprise edition. Would be interesting to see if the consumer version performs better (or worse).

If you don’t mind, please keep me informed of your future test results via josh at techlicious.com.

Best,
Josh

Interesting Recent Article

From Randy Singer on January 15, 2013 :: 6:08 am

Do You Need Mac Antivirus Software in 2013?
—————————————————————-
by Rich Mogull
<http://tidbits.com/e/13476>
“...malware on Macs is still not nearly common enough to recommend antivirus software for everyone. ”

The Best Security Software for Macs