Apple M1 Chip - native Malware/Anti-Virus App

I believe he said he was looking for a native solution not a naive one. All computers need protection. Bitdefender has been consistently the best for years on both Win and Mac platforms. I’m still waiting on a native version myself.

"malware" is a very open ended term.

There are no known viruses in the wild that can affect macOS. Full Stop.

"Malware" simply means "malicious software".

Is there malware out there for Macs? Sure. You can not get it without taking positive action.

Common sense is the best defense against malware.

As someone with well over 3 decades in IT, I will also say that Kaspersky should NEVER, EVER be recommended or used on ANY platform. Not unless you really want to feed personal data to the Russian security service.

First, there is no reason to ever install or run any 3rd party "cleaning", "optimizing", "speed-up", anti-virus, VPN or security apps on your Mac.  This user tip describes what you need to know and do in order to protect your Mac: Effective defenses against malware and other threats - Apple Community.  

There are no known viruses, i.e. self propagating, for Macs.  There are, however, adware and malware which require the user to install although unwittingly most of the time thru sneaky links, etc.   

Anti Virus developers try to group all types as viruses into their ad campaigns of fear.  They do a poor job of the detecting and isolating the adware and malware.  Since there are no viruses these apps use up a lot of system resources searching for what is non-existent and adversely affect system and app performance.

There is one app, Malwarebytes, which was developed by a long time contributor to these forums and a highly respected member of the computer security community, that is desshoigned solely to seek out adware and known malware and remove it.  The free version is more than adequate for most users. It runs on M1 Macs. 

Also, unless you're using a true VPN tunnel, such as between you and your employer's or bank's servers, they are useless from a privacy standpoint: Public VPN's are anything but private.  

This is like the Left Twix vs. Right Twix debate. People swear by antivirus software for Macs and have no trouble with viruses. People don’t use antivirus software and have no trouble with viruses.

Apple builds ample security and protection into macOS, but for most people that’s really not a factor in whether or not you give Apple your money.

Antivirus software makers highlight all the ‘threats’ that exist, and they depend mostly on your fear to earn their money. Because fear doesn’t always work, they cut deals with Apple resellers to bundle ‘free’ antivirus software with Macs (free...for a while — just enter your credit card info, you can cancel at any time, we’re sure most of you will forget to cancel though mwaa-haa-haa).

You can believe who you choose.

Instead of repeating nonsense, check into the "native" protection of Catalina and beyond. You clearly have no idea. Starting with Catalina, Mac OS and the system files are now "sequestered: in their own own volume which is read only. That means neither you nor anyone else nor malware will have access to do anything.

Your data are now on a second volume (Mac HD - Data) and that is read/write, but that is not where a virus would go to. And, "malware" also encompasses simple adware which can pop up if you go to a site that allows such things; however, that is easy to get rid of and no AV software will be able to prevent that.

So, yes, Mac OS is protected. There is no need to slow down your system by software which cannot access what it wants anyway and that will only lead to slowdowns. Nor can any "cleaning" app be helpful.

https://support.apple.com/en-us/HT210650

It's about risk mitigation

I'm simply going to let you read these. My question to you is: how will something (anything) penetrate the extra layers of protection if the OS and system are simply not accessible? I won't be back to this thread.

https://support.apple.com/en-us/HT210650

https://developer.apple.com/news/?id=3xpv8r2m

https://manuals.info.apple.com/MANUALS/1000/MA1976/en_US/device-and-data-access-when-personal-safety-is-at-risk.pdf

michaelm411 wrote:

I mention this as origin of business should be a factor in a purchase.

Some may not make versions for MacOS or for that matter be fully compatible with M1.

And they are all unnecessary.

See here:

Effective defenses against malware and ot… - Apple Community

Do not install third party apps that claim to secure your Mac:

macOS - Security - Apple

Set up your Mac to be secure - Apple Support

Security features on your MacBook Pro - Apple Support

Protect your Mac from malware - Apple Support

Effective defenses against malware and ot… - Apple Community

There’s no need.

macOS - Security - Apple

Yes, malware, adware, scareware, and ransomware is out there in the wild attacking Macs. Most of it is not terribly dangerous but more annoying. Mac's are not immune to these threats but if you observe common sense safe practices it is unlikely to be a problem.

Exercising some caution in regards to phishing emails and text / social media messages as well as noticing those pop-up advertisements that attempt to convince you that you are infected and to install fake anti-malware tools, etc. goes a long way to protecting you. The rest is a matter of the following:

1. Do not install software from anywhere except the Mac App Store or directly from a reputable vendors direct website. Most cleaners, maintenance tools, Anti-virus, and Anti-malware tools are not to be trusted and are mostly unnecessary. If they are legit tools, they do more to slow down your Mac than anything else.
2. If an application states it wasn't signed by an Apple Developer nor Notarized (scanned for malware by Apple) think twice and maybe a third time before you install it. Make sure you fully trust the source of this application.
3. Do not pirate software nor media of any kind (very common for malicious payloads to be included)
4. Be wary of free games or download shareware sites that tend to include adware and another annoyances. Pay attention to text during the installation and uncheck necessary things like browser extensions, etc.
5. Running any ad-blocker will go a long way to protecting you from rogue drive-by malware inside ad networks. I've had things download and attempt to run that originated from a rogue advertisement on a mainstream website.
6. Avoid the seedy underbelly of the Internet (pr0n, hacking, illegal activity, etc.)
7. Do enable the Firewall
8. Disable any Sharing features in System Preferences you do not really need
9. Do keep macOS and all your Applications up-to-date with security updates.
10. Never Ever install a Configuration Profile unless it's your employer or schools IT department asking you to enroll BYOD (Bring Your Own Device) or it's a Mac owned by your employer or school. Never install any Configuration Profile that isn't signed with a valid certificate either. You will see a lot of red text and warnings. Do not ignore them.

[Edited by Moderator]

Users are going to continue to shoot themselves in the foot. It's not like malware is infecting the Mac like a worm. It's the user clicking something, installing something. The landscape of malware / adware is constantly changing. It also doesn't help when MalwareBytes, DetectX, etc. do not flag all these things as malware because it doesn't fit the narrow definition of malware.

From worst to least:

1. Installed pirated software
2. Falls victim to phishing attacks via email / Messages
3. Doesn't run an ad-blocker
4. Surf's scammy websites that are little more than infomercials hocking snake oil health products
5. Installs shareware obtained from less than reputable sources
6. Installs cheesy games
7. Doesn't read the notices where you can uncheck adware installations
8. Gets fooled into installing MDM Profile despite all the warnings in red text
9. Surf's the seedy underbelly of the Internet
10. Clicks on all sorts of advertisements and popups

Same thing goes for all those people who answer their phones and get scammed and end up sending money to criminals offshore. Hundreds of millions of US dollars a year. Not to mention the ransomware which is typically more targeted to businesses lately.

How many users have posted on these discussion forums and they haven't backed up their devices? Mostly it's iPhones but Macs too. Some people just have to learn the hard way.

I like what Apple is doing security wise but not thrilled in losing flexibility. I don't want the Mac to become like an iPad.

There are many instances of native binary arm64 malware examples in the wild. Seems the bad guys are more adept than the AV vendors.

There are enterprise security endpoints such as CrowdStrike and Jamf Protect that do things the Apple recommended way and they work very well. But these are not available to the average consumer and are meant to be deployed by an IT department. Unfortunately most all consumer retail security solutions are hot garbage that will slow down your Mac and cause more problems than they solve.

If the average user merely follows best practices they will be unlikely to get infected.

1. Try not to install software unless it's obtained via the Apple App Store.
2. If you have to install software make sure you obtain it directly from the vendors website.
3. Avoid shareware sites as they tend to inject adware into the downloads to help pay for their services.
4. Open Source applications are quite good but be sure you know what you are doing if you decide to use them.
5. If you are a developer be extremely cautious about installing 3rd party libraries from open repositories. Become very versed in developer best practices. New forms of attack involve infecting the supply chain. Make sure you audit any such code.
6. Never ever pirate commercial software, most of the time there is a malicious payload that hitches a ride onto your system.
7. When installing software, read the screens especially the tiny fine print and look for checkboxes. Do not approve 3rd party add-ons, etc.
8. Always keep your operating system and applications up-to-date
9. Avoid surfing the seedy underbelly of the Internet
10. Install an ad-blocker
11. Beware of phishing emails and text messages
12. Create two user accounts, one an admin account and a limited account to use as your primary account
13. Think twice and perhaps a third time before using your admin account to install anything
14. Backup your system, really no excuse since Time Machine is literally a no brainer backup solution.

Government computers, especially at the ABC agencies are heavily locked down to an extreme degree. The users are not allowed to do much at all in regards to configuration. They can merely use the computers. They cannot install software, hardware, etc. Everything is managed by an IT department and IT Security department.

I’m Googling around myself this morning hoping to find when a Native version will be available. If you find something let me know... I’ll do the same. Don’t believe people who tell you it’s not required as that’s nonsense as in 2019 it was estimated that perhaps as many as 10% of Macs were infected malware. Apple will mention XProtect but it’s not up to the job. Stick to Apple Store apps until you install one and as someone with decades in the IT industry I’d recommend Bitdefender. Kaspersky would be my second choice.

Hac-D-Mac wrote:

I believe he said he was looking for a native solution not a naive one. All computers need protection. Bitdefender has been consistently the best for years on both Win and Mac platforms. I’m still waiting on a native version myself.

The OP first asked if 3rd party virus protection was necessary. It is not, which renders the issue of native versions of it moot. If you wish to waste your money on something unnecessary, you are obviously welcome to do so.

@KiltedTim

A good antivirus is a very good complement and it is worth paying for it. At least if you have and work with material worth protecting or in any way work with customers exchanging files. You can receive a word document with a macro virus in it, and send the infected document on to your customer. That would ve good for your reputation and your company :) That you could maybe prevent with a decent antivirus software. At least the known ones...

And there are now a lot of viruses that are not good even if you use a mac. More users on a platform generates more interest and effort from the virus makers. https://en.wikipedia.org/wiki/MacOS_malware

Why mention Kaspersky and Russia? I see the antivirus discussion in general. I would not use crypto software from China, Russia, US and a couple more... I prefer, but do not require to have the source code to look at. You must make your own decisions from where you buy your software. No difference if it is antivirus software, crypto software or any other software.

Common sense and general IT knowledge is just one part of it, but you obviously 100% rely on it.

You are out on deep water here :)