Jump to content

Vetting CleanMyMac

Recommended Posts

Given the power CleanMyMac needs to do its various functions, my specific goal is to find out if I can trust CleanMyMac not to be a vector for fraudulent activity on my Mac.  I can't find a discussion about this on these forums.  If there is one, can someone point me in the right direction?

More generally, does malwarebytes itself take a position on the legitimacy of popular apps, especially apps that require admin privileges to do their work.  If yes, where can I find that information.

Link to post
Share on other sites

For several years, CleanMyMac was considered by many AV vendors as a PUP as it was felt to do more harm than good in the hands of inexperienced users who had little understanding of what it was capable of and the privileges it had to manipulate files and macOS. I believe most of those vendors have dropped that classification for CleanMyMac in it's current form and because macOS has been hardened against misuse and more transparent on enabling privileges to apps in general.

It's always possible for a malware developer to substitute a malicious version of CleanMyMac or some other popular app by hacking the actual developers download site. That has happened in the past and luckily caught almost immediately. It's harder to do today with requirements for signed and notarized apps, but can still occur or a user tricked into working around that. Such occurrences are rare and the security community will be highly likely able to quickly detect, report and take action against them.

The Malwarebytes Staff will need to weigh in for an official answer on your last question, but what is clear to me is that they will  take a position on any app they feel meets their definition of a PUP or Malware, then detect, label and handle such apps in accordance with your settings. I doubt they would ever go beyond those definitions.

  • Like 2
Link to post
Share on other sites

  • Staff

Generally speaking, you should not be using any kind of "cleaning" software. Macs do not need this kind of "cleaning," which mostly just amounts to deleting cache data whose purpose is to keep your Mac running quickly and efficiently. Cleaning apps actually cause performance issues, because the Mac has to work harder to rebuild all that cached data. There are very rare cases where the cache can become corrupt, but this is far from a typical cause of performance issues.

That said, we do not detect CleanMyMac as a PUP (Potentially Unwanted Program) because it has never met enough of our PUP detection criteria. We don't recommend its use in general, as a "cleaning" app, but it is not malicious.

We do identify some supposedly legitimate apps as PUPs and detect them. This is not so much about requiring admin permissions - our own software requires that, so this by itself is not a problem - but about practices designed to deceive the user.

  • Like 2
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.