Toggle sidebar Toggle sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Can ads infect Mac?

H

Hagellom

macrumors newbie
Original poster
Good day!

I was browsing image board site and suddenly there are some penis size increasing ads at the bottom of page.

1) I haven't clicked them - they just are there - could this infect Mac? If they are just there?

2) Accidents happen and should I accidentally click one of those, could it infect Mac?
 
Nah they won't infect if they're just there. You can install an Adblocker if you haven't already.

Clicking on them wouldn't normally infect a Mac. There are a few exceptions if it's using a Javascript/Flash exploit; just another reason why it's best not to have Java or Flash installed. Regardless there are very few points of infection on a Mac and the only current known threats are malware (needs user password to install), rather than self-replicating viruses that you'll find on Windows computers.

If you ever have a problem with popups or odd applications finding their way onto your computer, just run a scan through MalwareBytes for Mac and it'll solve the problem: https://www.malwarebytes.com/mac/
 
  • Like
Reactions: Hagellom
keysofanxiety said:
Nah they won't infect if they're just there. You can install an Adblocker if you haven't already.

Clicking on them wouldn't normally infect a Mac. There are a few exceptions if it's using a Javascript/Flash exploit; just another reason why it's best not to have Java or Flash installed. Regardless there are very few points of infection on a Mac and the only current known threats are malware (needs user password to install), rather than self-replicating viruses that you'll find on Windows computers.

If you ever have a problem with popups or odd applications finding their way onto your computer, just run a scan through MalwareBytes for Mac and it'll solve the problem: https://www.malwarebytes.com/mac/
Click to expand...

Thank you for explanation.
I have AdBlockPlus, but seems like these sudden ads somehow get past it. Site's policy likely.

I have no Flash Player and no Java Runtime/Java Virtual Machine - if that is what you meant?
https://en.wikipedia.org/wiki/Java_virtual_machine

I use NoScript, but have to allow some scripts to run.

So unless something asks my password, I can safely ignore those ads?
 
Last edited:
There is always a slight risk that this can happen, but there is no need to worry. Adblock and NoScript are decent solutions to protect you against this. Also consider disabling any Internet plug-ins you might have, in Safari’s security settings.
 
  • Like
Reactions: Hagellom
KALLT said:
There is always a slight risk that this can happen, but there is no need to worry. Adblock and NoScript are decent solutions to protect you against this. Also consider disabling any Internet plug-ins you might have, in Safari’s security settings.
Click to expand...

Slight risk IF I click on ads? Not when they just are there?
 
Slight risk if they're even there. There are drive by infections. All you need to do is visit the page and you'd be infected. The risk of this happening are always there, but can be greatly reduced so long as you are using up to date software.
 
Intell said:
Slight risk if they're even there. There are drive by infections. All you need to do is visit the page and you'd be infected. The risk of this happening are always there, but can be greatly reduced so long as you are using up to date software.
Click to expand...

So just visiting web page with infected ad could download and install something into Mac?
 
Hagellom said:
So just visiting web page with infected ad could download and install something into Mac?
Click to expand...

Theoretically, yes. Web engines are very complex programs that support a whole range of formats. A vulnerability in the web engine or one of its supporting processes could be exploited by a website, which compromises the security of your system. That is why you should still be cautious when browsing to suspicious websites and keep your browser and system software up to date.

There is no need to worry though, I just wanted to put this on the record. You are already doing the right thing by not using any plug-ins (which independently execute any input that a website might give to them) and using blockers that restrict JavaScript execution. Safari has a fairly complicated security structure that tries to protect you against drive-by attacks. The only other things you can do, in Safari at least, is to disable the ‘Open “safe” files after downloading’ option in Safari’s general settings, and disable WebGL in Safari’s security settings. Chrome and Firefox have their own security models.
 
  • Like
Reactions: keysofanxiety and Hagellom
KALLT said:
Theoretically, yes. Web engines are very complex programs that support a whole range of formats. A vulnerability in the web engine or one of its supporting processes could be exploited by a website, which compromises the security of your system. That is why you should still be cautious when browsing to suspicious websites and keep your browser and system software up to date.

There is no need to worry though, I just wanted to put this on the record. You are already doing the right thing by not using any plug-ins (which independently execute any input that a website might give to them) and using blockers that restrict JavaScript execution. Safari has a fairly complicated security structure that tries to protect you against drive-by attacks. The only other things you can do, in Safari at least, is to disable the ‘Open “safe” files after downloading’ option in Safari’s general settings, and disable WebGL in Safari’s security settings. Chrome and Firefox have their own security models.
Click to expand...

OK, thank you! I use Firefox mostly, due to NoScript and easier layout.

1) Which would you consider safest, Safari, Firefox or Opera? Or is that impossible to say?

2) Are there infections that could get in even without asking me to type in password?

3) Malwarebytes would find anything that could slip in? Or should I use some different security app as well?
 
Hagellom said:
So just visiting web page with infected ad could download and install something into Mac?
Click to expand...

Only if it uses a software exploit. Java and Flash are the most common cases, so not having these will vastly reduce the chance of that happening.

Of course there are exploits in browsers and the like but Macs aren't really targeted -- not due to security through obscurity as some maintain, but simply because it's a lot more difficult to pull off. Even if an exploit somehow runs, all system files are locked down with SIP since El Capitan and infections can't elevate privileges as easily as they can in Windows. Certainly no way they can run sudo commands without the users' knowledge; definitely no way they can get close to running a root command.

Saying this is likely to prompt a number of commenters pointing to hypothetical scenarios or the odd previously discovered Safari exploits/root exploits as 'proof' that it's possible; however the point remains that there has not been a single virus in OS X's history and no known virus that used the aforementioned exploits. Lots of malware, sure, but no viruses. That's not to say you should be carefree or think that it's impossible to get infected; of course you should continue to practice safe browsing habits and vigilance. But you can be reassured that you can enjoy your machine without needing to be too paranoid or concerned. 🙂
[doublepost=1487605001][/doublepost]
Hagellom said:
OK, thank you! I use Firefox mostly, due to NoScript and easier layout.

1) Which would you consider safest, Safari, Firefox or Opera? Or is that impossible to say?

2) Are there infections that could get in even without asking me to type in password?

3) Malwarebytes would find anything that could slip in?
Click to expand...

1) Personally I'd say Safari, though that doesn't mean to say you should stop using your browser of choice.
2) None that I know of. Hypothetically possible with exploits, but then almost everything in the computer world is hypothetically possible. 🙂
3) That's pretty much the case!
 
  • Like
Reactions: Weaselboy and Hagellom
keysofanxiety said:
Only if it uses a software exploit. Java and Flash are the most common cases, so not having these will vastly reduce the chance of that happening.

Of course there are exploits in browsers and the like but Macs aren't really targeted -- not due to security through obscurity as some maintain, but simply because it's a lot more difficult to pull off. Even if an exploit somehow runs, all system files are locked down with SIP since El Capitan and infections can't elevate privileges as easily as they can in Windows. Certainly no way they can run sudo commands without the users' knowledge; definitely no way they can get close to running a root command.

Saying this is likely to prompt a number of commenters pointing to hypothetical scenarios or the odd previously discovered Safari exploits/root exploits as 'proof' that it's possible; however the point remains that there has not been a single virus in OS X's history and no known virus that used the aforementioned exploits. Lots of malware, sure, but no viruses. That's not to say you should be carefree or think that it's impossible to get infected; of course you should continue to practice safe browsing habits and vigilance. But you can be reassured that you can enjoy your machine without needing to be too paranoid or concerned. 🙂
[doublepost=1487605001][/doublepost]

1) Personally I'd say Safari, though that doesn't mean to say you should stop using your browser of choice.
2) None that I know of. Hypothetically possible with exploits, but then almost everything in the computer world is hypothetically possible. 🙂
3) That's pretty much the case!
Click to expand...

Thank you for clarifying!
 
  • Like
Reactions: keysofanxiety
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back