It’s a long-held belief of Mac users that their computers are immune to the kind of malware and viruses that plague Windows PCs. While there is some credibility in this idea, we shouldn’t get over-confident when it comes to Mac security, as there are exploits that criminals can use to hack your Mac and leave it like a wide-open door through which they can steal your data or worse.

In this article, we take a look at whether Macs can be hacked, how to tell if your Mac has been hacked or if someone is spying on your Mac, and what you can do if your Mac is being remotely accessed. Here’s what you need to know – and what you need to do.

Can Macs get hacked?

Apple has gone to great lengths to make it difficult for hackers to gain access to Macs. With the protections offered by Gatekeeper, the Secure Enclave features of the M1, M2, M3 and M4-series of chips, and the T1 or T2 chip in some Intel-powered Macs, plus Apple’s built-in antivirus XProtect, targeting Macs may well be considered too much effort by hackers. We discuss this in more detail here: How secure is a Mac? and in Do Macs need antivirus software?

PROMOTION

Antivirus Deal: Intego Mac Premium Bundle

Get Intego’s Mac Premium Bundle X9 with antivirus, firewall, backup and system performance tools for just $29.99 (down from $84.99) for the first year.

Get Deal

However, from time to time security vulnerabilities are detected that could be used by hackers to exploit Macs. These vulnerabilities are sometimes referred to as back doors or as a zero-day vulnerability. When these are identified by security researchers (or friendly hackers) they usually alert Apple to them in the hope that the company will quickly close the vulnerability, quickly – or within zero days – before it is exploited. 

Such vulnerabilities, though rare, could allow an attacker root access to your Mac.

Apple is usually quick to fix, but there have been cases where Apple has been criticized for being slow to respond to the threat once it’s been identified.

For example, in August 2023 a software developer released details about a flaw in App Management, a security feature introduced in macOS Ventura designed to prevent malicious software modifications and alerting the user in such an instance. The developer had discovered the issue before the release of Ventura in October 2022, but a fix was not immediately issued, so, in August 2023, the developer went public with details of the flaw which meant that apps could bypass the check by App Management. More here.

In another example, researcher Filippo Cavallarin found a Gatekeeper vulnerability in 2019 that he alerted Apple to. Having had no response from Apple within 90 days he went public with details of the vulnerability.

In December 2023, a group of university researchers alerted Apple to a vulnerability in Apple’s M-series chips that can be exploited to gain access to cryptographic keys. Dubbed “GoFetch,” the vulnerability could be used by an attacker to access a user’s encrypted files. As of June 2024, Apple is yet to issue a fix, perhaps because of its effect on performance.

Those pointing out vulnerabilities aren’t always ignored by Apple. In 2021, Apple paid a student $100,000 after he discovered a dangerous vulnerability relating to Macs and reported it to Apple. The vulnerability, which could enable a hacker to gain control of a Mac user’s camera, was identified by Ryan Pickren in July 2021 and fixed by Apple in macOS Monterey 12.0.1 on October 25, 2021. More information here: Hacker ‘could take over any Apple webcam’.

It’s not always a flaw in Apple’s software that can leave Macs vulnerable. In August 2023 a serious vulnerability that affected Intel processors was highlighted. Affected devices included Intel-powered Macs from 2015 onwards (M-series Macs were all ok). According to researcher Daniel Moghimi: “Downfall attacks target a critical weakness found in billions of modern processors used in personal and cloud computers.” Intel released a patch, but it’s not the first time this has happened. Back in 2018, in a similar case, Meltdown and Spectre attacked vulnerabilities in Intel and ARM processors. That risk was mitigated by updates to the operating system which closed off the areas that were exposed.

Do Macs get hacked?

<figure data-wp-context='{"uploadedSrc":"https:\/\/images.macworld.co.uk\/cmsdata\/features\/3801843\/apple_macbook_air_m1_2020_review_69_thumb.jpg","figureClassNames":"wp-block-image","figureStyles":null,"imgClassNames":null,"imgStyles":null,"targetWidth":"none","targetHeight":"none","scaleAttr":false,"ariaLabel":"Enlarge image: Mac hammer","alt":"Mac hammer"}' data-wp-interactive="core/image" class="wp-block-image wp-lightbox-container"><button class="lightbox-trigger" type="button" aria-haspopup="dialog" aria-label="Enlarge image: Mac hammer" data-wp-init="callbacks.initTriggerButton" data-wp-on-async--click="actions.showLightbox" data-wp-style--right="context.imageButtonRight" data-wp-style--top="context.imageButtonTop">
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="12" fill="none" viewbox="0 0 12 12">
<path fill="#fff" d="M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z"></path>
</svg>
</button></figure>

It may be rare when compared to Windows, but yes, there have been cases where Macs have been accessed by hackers.

This can take various forms and there are various types of Mac malware that have been discovered ‘in the wild’ on Macs as you can see from our run-through of the various threats affecting macOS: List of Mac viruses, malware and security flaws. Soon after launch, Malware targeted the M1 Mac – read about Silver Sparrow and the first cases of malware for M1 Macs.

And in April 2024 Apple alerted some users via an email, suggesting that they may have been the target of spyware. “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-,” read the email, as detailed here: Apple warns users in 92 countries of spyware attack.

This kind of attack isn’t likely to affect the general public though, so if you aren’t protecting state secrets or heavily invested in cryptocurrency you are unlikely to fall fowl of such an attack.

How Apple protects Macs from hackers

Apple is kept busy patching these security flaws as and when they arise, but it used to be reliant on users to install them. Before Apple launched macOS Ventura in 2022 an update to the operating system was required to get the important security component on a Mac. Since some people delay installing operating system updates this was problematic so Apple changed the way security updates are applied to Macs. These important security updates can now be delivered as background updates that can be automatically installed on a Mac without the user having to do anything–although we recommend you check the following to ensure it is set up on your Mac:

1. Open System Settings.





2. Choose General.





3. Click on the i beside Automatic Up