are macs susceptible to malware?

Nowadays Macs are susceptible to malware, mostly adware.

Safari goes to Yahoo instead of Google?

 1. Check for adware.

     Run the latest release of Malwarebytes for Mac to remove malware/adware, if installed on your Mac.

     For instructions:  Install Malwarebytes for Mac          Uninstall Malwarebytes for Mac

     Click the “Scan Now” button. Once done, quit Malwarebytes for Mac.

     Restart the computer and relaunch Safari holding the shift key down.

     Remove unknown profiles (1), unknown login items(@) unknown extensions(3), reset search engine (4)

     and reset Homepage (5 & 6)  listed under Additional steps.

2. Additional steps to take, if necessary.

  1. Remove unknown profiles.

      System Preferences > Profiles

      Open System Preferences, click the “Profiles” icon ( a checkmark on a gear) .

      When Profiles pane opens, select the unknown profile and click the minus button at the bottom.

  2. Remove unknown Login item.

       System Preferences > Users & Groups > Login items

       Authenticate and unlock the lock.

       Highlight the unknown login item and click the “-“ button at the bottom left to remove it.   

  3. Reset search engine:    https://support.apple.com/guide/safari/customize-your-search-ibrwe75c2a3c/mac

  4. Change Home Page

      Section: If Safari's home page is stuck

   Ref: https://forums.malwarebytes.com/topic/236261-how-to-remove-weknow-malware-and-others/

    5. Shutdown the computer from  menu. Start your Mac using the Power button.

Mail

Restart the router.

  Startup in Safe Mode.    https://support.apple.com/en-us/HT201262

Force Quit Mail. How to force an app to quit on your Mac - Apple Support

Take Mail online: Take email accounts online or offline in Mail on Mac - Apple ...

Here is a DIY solution.

There are many references to fixes for this virus. On Jan 30, 2020 my infection started with a virus piggybacked on a Flash Player update, so beware. Also notice that Adobe plans to end support for Flash Player on December 31, 2020.

My Jan 30, 2020 virus infection and removal experience might be useful.

How to catch the virus

Enter in Google “care solutions for elders”. In the results below the ad, find “Care Solutions for Elders - Home | Facebook”. Clicking on this entry brings you to the Facebook page containing the virus link.

In addition to

~/Library/LaunchAgents

/Library/LaunchDaemons

/Library/LaunchAgents

Inspect and repair the browsers Safari, Chrome, and Firefox, the Applications folder, the Downloads folder, and System Preferences.

Downloads

Note the date & time on the Adobe Flash installer, and then delete, along with any other installers with the same time stamp. Empty the Trash.

Applications

Delete the application with the same time stamp. In my case that was “SystemNotes.app”, although the virus perpetuators may vary the name. Empty the Trash.

System Preferences

Delete the profile entry “SmartSignalSearch” in “System Preferences->Profiles”. The name my vary.

Safari

Safari->Preferences->Extensions

Delete the extension with the “SafeSearch” label.

Safari->Preferences->Privacy->Manage Website Data

Delete the cookies immediately related to the spammer site. Use the “Search” box.

“caresolutionsforelders.com”

“tncrun.net”

“trackingsys.tech”

“mainsourceoffreeupdate.best”

“akamaihd.net”

Quit Safari

Chrome

In Chrome preference settings:  under “Search engine”. See “chrome://settings/search” in the “Chrome” bar at the top of the page.

Select “Search engine” in the list below “Settings” on the left side of the page.

Find “Search engine used in the address bar”

Click the “Disable” button to the right of the text “SmartSearchSignal is controlling this setting”

Select the desired search engine from the popup list. Do not select the bogus “Default”!

Find “Manage search engines”

Find “Other search engines” appended to the bottom of the list.

Find the search engine labeled “Default Search” which uses the url starting with “http://ikysearchds…”

Click to the right on the three vertical dots and select “Remove from list”

Select “Default browser” in the list below “Settings” on the left side of the page.

Clicking “Make default” will make Google Chrome the default browser launched when clicking on a link in an email.

Safari will no longer launch automatically.

Select “On startup” in the list below “Settings” on the left side of the page.

Find “Open the New Tab page”

Click the “Disable” button to the right of the text “SmartSearchSignal is controlling this setting”

Find “Open a specific page or set of pages”

Find “Any Search” with the text “http://ikysearchds…”

Click to the right on the three vertical dots and select “Remove”

Quit Chrome.

Firefox

Start Firefox, then select Preferences->General.

Delete the “Home Page” text http://lkysearchds4743-a.akamaihd.net/…”, then default home page is Mozella.

Quit Firefox

That’s all of the infection I’ve found so far.

[Edited by Moderator]

Yes, Macs are susceptible to malware. That said, they get far fewer than Windows PCs. You can use Malwarebytes to scan for malware.