Can Apple Computers get Viruses?

Can Apple Computers Get Viruses?

In addition to their ability to work seamlessly with Apple devices, many users prefer Mac computers because of their perceived “inherent” security features. Apple also notifies users of periodic updates to make sure that every generation of Apple product has the most secure software version. But can Apple computers get viruses? And what about Mac’s suite of ultra-popular devices? Do Apple products get viruses?

While Apple does go to great lengths to keep all its devices safe by making it difficult to download any/all software foreign to its official Apple application store, this does NOT mean your Mac, iPhone or iPad is immune to all computer viruses.

What is a virus?

A virus is any piece of malicious software that invades your computer system, then copies itself. They can also then spread to other systems. This could result in stolen personal information or financial data, corrupted files, or crypto-hijacking. Here are some of the common viruses and known malware that infect Apple devices, followed by the best ways to protect your computer from them.


CookieMiner is malware that captures Chrome browser authentication cookies primarily associated with cryptocurrency exchanges. The sophisticated CookieMiner code bypasses strict security protocols of both Apple and cryptocurrency exchanges by stealing information such as passwords, usernames, and other login credential data. It can even capture backed-up data from iTunes accounts that can be used to open cryptocurrency wallets and then steal cryptocurrencies such as Bitcoin, Ethereum, and XRP. Stealing valuable cryptocurrency isn’t enough for CookieMiner hackers, however, as they also use this malware to load cryptocurrency mining software onto MacBooks to mine Koto, a little-known Japanese cryptocurrency.

Besides a significantly lighter cyber wallet, there are some other clues that your Mac may be infected by the CookieMiner virus. As a cryptocurrency miner, CookieMiner uses a significant amount of a CPU’s processing power and therefore, infected Macs will be slow to complete even basic computing tasks. You may also notice that other software applications on your Mac don’t work as well as they should or stop working completely, or your Mac could overheat.


OSX/Dok is malware that commandeers data traffic entering and leaving a Mac computer without your knowledge. It reroutes this traffic through a bogus proxy server to then obtain access to all your communications. The malware is able to counter Apple’s security because it’s signed by a legitimate developer certificate that validates its authenticity. Through OSX/Dok, a hacker even has access to data that moves through SSL-TLS encrypted connections such as banking information. This is especially troubling since a person’s iPhone, iPad, and MacBook are commonly synced.

While the original version of OSX/Dok was thwarted when Apple disabled its associated developer certificate, later versions have popped up using different developer certificates. Apple devices are vulnerable to this malware mainly when users are duped to download files through email phishing scams. Once the software is installed on your computer, it immediately takes over critical operations. Users then most often see a message that the system has detected a security issue. The malware prompts users to install an update, and it then locks up all operations until the user submits a password to install it. After obtaining the password, the malware then has full administrative privileges to take control of the device.


Crossrider is a variant on the OSX/Shlayer malware and uses a fake Adobe Flash player installer to dump other pieces of malicious code onto your Apple devices. Users mistakenly download the fake installer when they’re sent a message to update Adobe Flash player. If you follow the link, you’ll mistakenly download the fake installer instead of the real update from the Adobe website. The fake installer message will then prompt you to submit your password so that the software can make changes to your system and install the program.

Advanced Mac Cleaner, Chumsearch Safari Extension, and MyShopCoupon+ are some of the items that are installed through the fake Adobe Flash player installer. While MyShopCoupon+ and Chumsearch Safari Extension do cause minor annoyances to users, Advanced Mac Cleaner can cost you much more if you’re not careful. Advanced Mac Cleaner appears to run a security scan of your system and identifies several issues. It then asks the user to pay $107 to activate the program’s clean-up feature.

Macro Viruses From Microsoft Word

Macro viruses used to be a problem that only PC users face. Macros are pieces of code that programmers embed within applications to automate routine tasks. The code, which is written in Visual Basic, can be used to hijack applications and do harm when users open popular Microsoft Office products such as Word, Excel, or Project. Visual Basic commands in macros can result in deleted or corrupted files. When you use Word to open an infected file, Word catches the virus and passes it on to every Word document that you subsequently create.

Apple disabled macro support in its early versions of Office for Mac, but it recently allowed macros to be supported in its later versions of both Word and Excel. But Mac users still have some protection against macros viruses since Apple doesn’t allow macros to be automatically enabled by default.


MShelper is a cryptocurrency mining malware that allows a hacker to help himself to your computer’s processing capabilities in order to steal cryptocurrency. Hackers also develop this malware to display advertisements on the screens of popular browsers such as Mozilla, Chrome, and Firefox. Cybersecurity experts contend that MShelper infects computers when users download files of dubious origins. Some signs that your computer has been infected by MShelper include lowered battery life, fast-spinning fans, overheating, and increased noise.

Since crypto mining software takes a great deal of CPU power, it’s not hard to spot if MShelper is on your Mac. Click on the CPU tab under Activity Monitor on your computer. If MShelper has infected your MacBook, it’ll show up at the top of the list of applications with an extremely high CPU usage.


OSX/MaMi is malware that allows hackers to capture sensitive information by redirecting data traffic through malicious servers. Through OSX/MaMi, hackers hijack Domain Name System (DNS) servers and change the DNS settings on your Mac. This malware allows attackers to perform many harmful tasks such as stealing login credentials, uploading and downloading files, and spying on your internet traffic.

While OSX/MaMi is nearly undetectable, experts say that it’s not yet been used to target Mac users on a widespread basis. Victims of this malware encounter it through targeted email phishing scams. A sign that your Mac has been infected by OSX/MaMi is a change in its DNS settings. A MacBook infected with this malware often shows these two addresses: and

Tips for Safeguarding Macs Against Malware

While Apple does an amazing job of guarding against common security threats, determined cybercriminals can still bust their way through into Apple devices.

Here are some top tips for shoring up security for your Mac:

  • Avoid opening spam emails and attachments.
  • Don’t download questionable files.
  • Install ad-blocking applications.
  • Create frequent system backups (Time Machine).
  • Install the latest operating system (OS) and application updates.
  • Manage data.
  • Install a security suite that includes antivirus software, firewall, and browser destination monitoring.
  • Use VPN software when connected to public or untrustworthy

Stay protected

So, can Apple computers get viruses? Clearly, yes! Malware threats are everywhere, so consider subscribing to a comprehensive security suite service. It is one of the most effective steps you can take to safeguard your Apple devices, financial information, and privacy while online. McAfee partners with industry, IT experts, and the user community to deliver the most powerful cybersecurity solutions on the market.

Check more information about our latest security products.

Stay Updated

To stay updated on all things McAfee and on top of the latest consumer and mobile security threats, follow @McAfee_Home  on Twitter, subscribe to our email, listen to our podcast Hackable?, and ‘Like’ us on Facebook.


FacebookLinkedInTwitterEmailCopy Link

Stay Updated

Follow us to stay updated on all things McAfee and on top of the latest consumer and mobile security threats.


More from Internet Security

Back to top