Massive macOS Campaign Targets Crypto Wallets, Data

Discussion in 'all things Mac' started by Rasheed187, Aug 13, 2023.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined: Jul 10, 2004 | Posts: 18,178 | Location: The Netherlands
    More proof that it's best not to rely solely on macOS built-in security like Gatekeeper and XProtect.

    https://www.darkreading.com/attacks...-targets-macos-users-crypto-wallet-data-theft
     
  2. 1PW

    1PW Registered Member

    Joined: Apr 2, 2010 | Posts: 2,375 | Location: .
    Many users will come to realize the out-of-the-box Mac demands thoughtful security alterations.

    Ergo, macOS users will soon enable the built-in firewall for many incoming attacks and consider a supplemental 3rd party firewall app for blocking undesirable outgoing contact with bad actors' C2 servers.

    Enabling macOS FileVault2 may have thwarted the toxic blockchain games from draining crypto wallets.

    Additionally, considerable doubt exists regarding signing and notarization of the blockchain games. Were those games downloaded from Apple's App Store? Doubtful.

    The appearance of built-in Bastion behavioral rules may soon elevate to front-line macOS defense against malware.

    The security defenses are available…

    HTH
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined: Jul 10, 2004 | Posts: 18,178 | Location: The Netherlands
    Exactly my point, Mac users should be encouraged to beef up security. I didn't know that XProtect will soon also offer behavioral detection, pretty cool. And hopefully there will be more third party behavior blockers on macOS, because this is lacking.

    https://eclecticlight.co/2023/06/10/bastion-in-defence-of-sonoma-security/
     
  4. 1PW

    1PW Registered Member

    Joined: Apr 2, 2010 | Posts: 2,375 | Location: .
    Actually, a few Bastion and XProtectBehaviorService rules are already to be found within macOS 13 Ventura…
     
  5. ProTruckDriver

    ProTruckDriver Registered Member

    Joined: Sep 18, 2008 | Posts: 1,461 | Location: "An Apple a Day, Keeps Microsoft Away"
    Good luck with that to some die-hard Mac users. Coming from a PC and always running third party security software on it, when I switched to a Mac I felt naked not running third party security software. For the first year I was running Webroot with macOS El Capitan. As Apple released the new OSes, Webroot wasn't able to keep up with the new upgrades. I've been using Malwarebytes Premium for Mac since macOS Mojave and never had any problems. I still believe in Layer Security no matter what OS I'm running.
     
  6. Daveski17

    Daveski17 Registered Member

    Joined: Nov 11, 2008 | Posts: 10,239 | Location: Lloegyr
    I feel safe enough with my out of the box MBA. I do have browser security apps on Brave and Firefox. Well, that and common sense. I'm careful where I surf. I don't trust 3rd party security apps. On Windows all MBAM found were false positives. I was more concerned with f/p's being responsible for eviscerating my HDD. I don't even have a firewall on Ubuntu. But there are only twenty seven other people in the world who actually use Ubuntu. So, hardly a target then. ;)
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined: Jul 10, 2004 | Posts: 18,178 | Location: The Netherlands
    That's the problem, most people probably think Macs can't be hacked. And same over here, I also believe in layered security. But I think it's especially dangerous for people who also download apps from outside the App Store. You shouldn't run into trouble when you only download apps from the App Store.

    About Malwarebytes Premium, it doesn't seem to be as advanced as on Windows, so no anti-exploit and anti-ransomware, it's a simple scanner. I'm guessing that macOS doesn't give third party tools the option to perform behavior blocking at the moment, on Windows it's much more advanced.
     