Apple has made significant updates to macOS malware tools in the last six months, according to an update tracked by Howard Oakley of Eclectic Lighting Company.
“In the last six months, macOS malware protection has changed more than it has in the last seven years.” Malware detection on the Mac is now “completely proactive” and as active as “many commercial protection products.
Around the time of macOS 12.3 Monterey, Apple quietly introduced a new XProtect Remediator tool for its XProtect service that checks for malware in the background, according to the report. XProtect Remediator will find malware more often and fix it when it is detected.
Apple Macs previously came with Malware Removal Tool (MRT) and XProtect, but XProtect was limited to checking applications and code against a list of known malware, and MRT rarely ran. Apple’s new solution is more aggressive and offers more protection.
Xproduct Remediator is available on Macs running macOS Monterey, macOS Big Sur and macOS Catalina, but not on Macs running older versions of macOS.
The new XProtect feature is updated regularly and runs at least once a day, sometimes more often, with scans most likely to occur when the Mac is awake but not active. For some malware checks, it runs every hour or two and can identify a range of malware such as Adload, DubRobber, Pirrit, SnowDrift, Trovi, and more.