Nearly 50% of macOS malware comes from one app — do you have it on your MacBook?

malware
(Image credit: Getty Images/CHUYN)

There's good news and bad news for macOS users, according to a new report from Elastic Security Labs. On the plus side, only 6% of malware ends up on macOS devices compared to the 54% of malicious threats that slide into Windows' systems.

On the downside, macOS isn't totally immune to malware, and as such, users still need to watch out for ill-intentioned apps. According to the 2022 Global Threat Report, nearly 50% of all macOS malware comes from one app (h/t 9to5Mac).

Most macOS malware comes from these three apps

The biggest source of macOS malware? Elastic Security Labs investigators pointed their fingers at MacKeeper, a macOS app ironically designed to protect users' devices by offering cleaning, security, privacy and performance tools. According to the report, a whopping 48% of macOS malware is sourced from MacKeeper.

macOS

Elastic Security Labs stats (Image credit: Elastic Security Labs)

"While its initial purpose is to aid macOS users, [it can often] be abused by adversaries because since it already has extensive permissions and access to processes and files," the Elastic Security Labs investigators said.

MacKeeper is known for having quite a tumultuous past and an ambiguous reputation. Some Apple users have warned others about MacKeeper. In one forum, for example, an Apple Support Community poster (opens in new tab) described the app as a "highly invasive malware that can de-stabilize your system." The macOS app has attempted to clean up its sullied character in recent years, but unfortunately, this Elastic Security Labs report isn't helping its case.

The next pervasive macOS threat, ranking at a far second at 17%, is the XCSSET malware, which was known for taking advantage of vulnerabilities discovered inside Safari. It can also steal confidential data, take secret screenshots, access users' microphones and webcams remotely, and install ransomware.

Finally, sitting in third place is Adload, a malicious software that hijacks victims' browsers and forces them to visit disreputable, shadowy websites.

The 2022 Global Threat Report failed to dive deep into these malware families, but a quick research revealed one interesting nugget of information: MacKeeper is notoriously difficult to remove. Allow us to give you insight on how to remove this pesky app.

How to remove MacKeeper

Here's an easy, step-by-step guide on how to remove MacKeeper (special thanks to YouTuber HowtoCat).

1. Go to Finder.

2. Click on Applications.

3. Search for MacKeeper.

4. Hit the plus sign (ensure the "This Mac" tab is selected).

5. Click on "Name" to open the drop-down menu. Click on "Other."

6. Scroll all the way down to System Files; tick the checkbox next to it.

7. Click on "Name" again and select System Files. Change "aren't included" to "are included."

8. Delete all the files you see in the folder (Right click > Move to Trash). 

Once you've done that, MacKeeper should be wiped from your macOS device. Don't forget to empty your Trash!

Kimberly Gedeon, holding a Master's degree in International Journalism, launched her career as a journalist for MadameNoire's business beat in 2013. She loved translating stuffy stories about the economy, personal finance and investing into digestible, easy-to-understand, entertaining stories for young women of color. During her time on the business beat, she discovered her passion for tech as she dove into articles about tech entrepreneurship, the Consumer Electronics Show (CES) and the latest tablets. After eight years of freelancing, dabbling in a myriad of beats, she's finally found a home at Laptop Mag that accepts her as the crypto-addicted, virtual reality-loving, investing-focused, tech-fascinated nerd she is. Woot!