It’s a long-held belief among Mac users that their computers are immune to the kinds of malware and viruses that plague Windows PCs. While there is some credence to this idea, we shouldn’t get overconfident when it comes to Mac security, as there are exploits that criminals can use to hack your Mac and leave it as a door wide open for them to steal through. your data or worse.
In this article, we take a look at whether Macs can be hacked, how to find out if your Mac has been hacked or if someone is spying on your Mac, and what to do if your Mac gets remote access. Here’s what you need to know – and what you need to do.
Can Macs be hacked?
Apple has gone to great lengths to make it difficult for hackers to gain access to Macs. With the protection offered by Gatekeeper, the Secure Enclave features of the M1 and M2 series of chips and the T1 or T2 chip, and Apple’s built-in antivirus XProtect, targeting Macs may well be considered too much effort by hackers. We discuss this in more detail here: How secure is a Mac? and in Do Macs Need Antivirus Software?
However, from time to time, security vulnerabilities are discovered that can be used by hackers to exploit Macs. These vulnerabilities are sometimes referred to as backdoors or as a zero-day vulnerability. When these are identified by security researchers (or friendly hackers), they usually notify Apple about them in the hope that the company will quickly close the vulnerability, quickly – or within zero days – before it is exploited.
Such vulnerabilities, while rare, could give an attacker root access to your Mac.
Apple is usually quick to fix, but there have been cases where Apple has been criticized for being slow to respond to the threat once it is identified.
For example, in 2019 researcher Filippo Cavallarin found a Gatekeeper vulnerability that he notified Apple about. After receiving no response from Apple within 90 days, he published details of the vulnerability.
Back in 2018, the news was filled with stories about the Meltdown and Specter bugs that attacked vulnerabilities in Intel and ARM processors. The Guardian reported that Apple confirmed “All Mac systems and iOS devices are affected, but there are no known exploits affecting customers at this time.” The risk was mitigated by updates to the operating system that closed off the areas that were exposed.
Recently, Apple paid a student $100,000 after he discovered a dangerous vulnerability related to Macs and reported it to Apple. The vulnerability, which could allow a hacker to gain control of a Mac user’s camera, was identified by Ryan Pickren in July 2021 and fixed by Apple in macOS Monterey 12.0.1 on October 25, 2021. More information here: Hacker ‘can take over any Apple webcam”.
Apple continues to patch these security flaws as and when they occur. If the company issues a macOS update with a security component, it’s important to install it as soon as possible. You can set your Mac to download and update automatically. Follow these steps to do so:
- Open System Preferences.
- Click on Software Update.
- Select Keep your Mac automatically updated.
Now your Mac will check for updates, download the update, and install the update without you having to do anything.
Are Macs getting hacked?
It may be rare compared to Windows, but yes, there have been cases where Macs have been cracked open by hackers.
This can take various forms, and there are different types of Mac malware that have been detected “in the wild” on Macs, as you can see from our review of the different threats affecting macOS: List of Mac viruses, malware and security flaws. Malware has even been found on the M1 Mac – read about Silver Sparrow and the first case of M1 Mac malware.
We go through the types that are more relevant to hacking Macs below:
Cryptojacking: This is where someone uses their Mac processor and RAM to mine cryptocurrency. If your Mac has slowed right down, this could be the culprit.
Spyware: Here, hackers attempt to collect sensitive data about you, such as login details. They can use keyloggers to record what you type and ultimately have the information they need to log into your accounts. In one example, the OSX/OpinionSpy spyware stole data from infected Macs and sold it on the dark web.
Ransomware: Some criminals use Ransomware to try to extort money from you. In cases like KeRanger, hackers could have encrypted files on Macs and then demand money to unencrypt them. Fortunately, security researchers identified KeRanger before it started infecting Macs, so it was fixed before it became a serious threat.
Bottom line: In this case, the computer becomes a remote spam machine. In the case of the Trojan horse, OSX.FlashBack infected over 600,000 Mac computers.
Proof-of-concept: Sometimes the threat isn’t actually seen in the wild, but is a proof of concept based on a loophole or vulnerability in Apple’s code. Although this is a minor threat, the concern is that if Apple is not quick enough to close the vulnerability, it could be exploited by criminals. In one example, Google’s Project Zero team designed a proof-of-concept known as Buggy Cos that was able to access parts of macOS thanks to a flaw in macOS’s memory management.
Port utilization: It’s not always the case that the hack is enabled by some kind of malware downloaded to the Mac. In some cases, Macs have been hacked after something is plugged into a port. It’s possible that Macs can be hacked via USB and by the Thunderbolt port – which is a good reason to always be careful about what you connect to your Mac or leave your Mac unattended. For example, in the checkm8 exploit, it could have been possible for hackers to gain access to the T2 chip by connecting a modified USB-C cable. Similarly, in the case of Thunderspy, a serious vulnerability with the Thunderbolt port could have given a hacker access to a Mac.
Can a Mac camera be hacked?
Once a hacker has access to your Mac, there are various ways they can try to get information about you, or use your Mac’s processing power for their own purposes. As we mentioned above, in the case of spyware, the hacker may try to install a keylogger so that it can record what you type and look for your password. The hacker may also attempt to highjack the microphone or video camera.
Theoretically, this shouldn’t be possible: since the launch of macOS Catalina in 2019, Apple has protected Mac users from this type of exploit by ensuring that you have to give your permission before the microphone or video camera is used, or before a screen recording can take place. And if your camcorder is being used, you’ll always see a green light next to it. However, the example we mention above, where Ryan Pickren notified Apple of a vulnerability that could allow a hacker to gain control of a Mac user’s camera, suggests that Apple’s notification was not enough to stop the camera from being accessed.
There was also a camera-related vulnerability that affected Mac users of the video conferencing service Zoom. In this case, hackers can add users to video calls without their knowledge and then activate their webcams but keep the lights off. This would allow potential hackers (or law enforcement agencies) to monitor your activities and you would have no idea the camera was watching you. Zoom patched the vulnerability, but only after it became public knowledge when the person who found it reported that the bug had been in place for three months after the company had been privately informed of the risk. For more information read: How to stop webcam hacking on Mac.
Wondering if FaceTime is secure? Read Is Apple FaceTime safe?
How to find out if your Mac has been hacked
If you think your Mac has been hacked, there are a few ways to find out. First, look for the signs: Has your Mac crashed? Is your internet connection painfully slow? Do the ads you’re seeing look a little more dodgy than usual? Have you noticed anything strange on your bank statements?
- If you think an account may have been hacked, check the website haveibeenpwned.com and enter your email address to see if it’s mentioned in a data breach. If it has been, remember to change your password! This doesn’t mean you’ve been hacked, but it’s certainly possible that if this information is out there, you could be.
- Another way to find out if there is any strange activity is to check Activity Monitor and look specifically at network activity.
- You can also go to System Preferences > Sharing and check if anyone suspicious has access to anything.
- Your best bet is to run a scan of your system with some kind of security software that can check for any viruses or malware that may have entered your system. We’ve rounded up the best Mac antivirus apps, recommending Intego as our pick.
You may also want to read our guide on how to remove a virus from a Mac.
How to protect your Mac from hackers
macOS is a very secure system, so there’s no need to panic, but if you want to reduce your chances of being compromised, there are a few things you can do.
- The first is to try to only download software from either the Mac App Store or the official websites of manufacturers.
- You should also avoid clicking on links in emails – just in case they lead you to fake websites and malware.
- Do not use USB cables, other cables or memory sticks if you cannot be sure that they are safe.
- When browsing the web, browse in private or incognito mode.
- If you ever receive a ransomware request or a phishing email, do not respond, as all this does is confirm your existence.
- Another is to make sure you download updates to macOS as soon as they become available, as they usually include security patches. In fact, you can set up your Mac to download such updates automatically. Turn on Automatic Updates in System Preferences > Software Update and click next to Keep your Mac automatically updated.
- Finally, consider using a dedicated security software package. You will find our selection of the current offers in the best Mac antivirus. Right now, our top picks are Intego Mac Internet Security X9, but we also like McAfee Total Protection 2021 and Norton 360 Deluxe.
- You should also consider using a password manager, as this will allow you to have multiple, complicated login details across all your accounts without having to remember them. Here are our recommendations LastPass, 1Password and NordPass.
Do you feel safer now? Learn even more by reading the helpful tips in the best Mac security settings.