Skip to content

How to Remove Malware from Safari on Mac

Learn how to clear and remove malware injected into Safari browser on MacOS computer. We can clear the data and settings to reset and remove the Safari malware.

Attackers can inject malware into the Apple Safari browser that results in activities like different search engine engines, website loading issues, malicious ads, and popups. However, we can remove these malware injections easily after resetting the browser data, settings, and extensions back to normal.

Remove and Clear Malware from Safari browser

Unlike Windows and Android devices, Apple computers are not very popular for being targeted by viruses and malware. Mac and iOS devices possess a rugged security model, which is exceptionally tough to penetrate.

However, over the past few years, cybercriminals have taken advantage of Apple’s ecosystem’s components to inject undetectable malware into computers. Safari being a salient component of iOS and Mac, has been considerably targeted to satisfy the ultimate purpose of the script kiddies and hackers.

These malware injections are dynamic and vary on a large scale and as per the attacker’s purpose. The worst part here is most users are unaware of their web activity and functions.

A few weeks ago, the malware was injected into my Safari browser, causing it to slow down and loading unskippable ads everywhere. When malware hits your Safari browser, it will start unusual behavior and suspicious activities like this.

So if you encounter any suspicious or abnormal activity throughout your browsing session, chances are there might be some malware in your browser.

Thankfully I was able to get the malware out of the Safari browser, but in case you are stuck in a similar position, here are some of the most efficient ways to check and remove malware from your Safari Mac.

Check Malware

Whenever malware enters your system, it will create certain disturbances and abnormal behavior in your Safari browser. It may redirect you to different pages suddenly and display unwanted pop-up ads out of the blue.

One such example of a potential threat to Safari is the Bing and Yahoo redirect virus, which dominated for a long time in 2019. It is used to redirect the user’s internet traffic to the front page of being without any permission.

And even if users successfully identified the potential threat, no one could understand its purpose or how to check for it.

When browsers like Apple Safari, Google Chrome, Mozilla Firefox, etc., these infections primarily occur in extensions and plugins. So, the first method to confirm such a threat is by identifying suspicious extensions on their browser.

Remove Suspicious Extensions

The primary source of malware in the Safari browser is due to third-party extensions or plugins. These extensions get automatically installed when you visit a questionable downloading website. And as a result, they either show advertisements or use your browser performance power to mine cryptocurrency.

Either way, it’s hard to find them, but the best way to deal with such suspicious extensions is to delete them.

  1. Open the Safari browser app on your Mac.
  2. Click on the Safari menu and select the Preferences/Settings sub-menu.
    Safari Preferences MenuIt will open the Safari Preferences window.
  3. Switch to the Extensions tab.
  4. Lookup for suspicious extensions installed.
    Uninstall the Safari Browser Extensions
  5. Select the extension, and hit Uninstall to remove it from Safari.

It will immediately remove the extension and make the browser less vulnerable. However, the extension might already make changes in settings; it is better to check and reset the options to a normal state.

Under the same Safari preferences window —

  • Switch to the General tab, and set a preferred homepage for your Safari browser.
    Set a Custom Home Page URL in Safari settings
  • Again, switch to the Search tab, and set your default search engine.
    Set Google as Search Engine in Safari browser

Restart the Safari browser and check if the problem doesn’t appear anymore. However, if the problem persists in your browser, try the following method on our list.

Reset to default settings

Extensions come with special privileges and permissions so that they can alter the setting of your Safari browser. This, in turn, shows suspicious behavior such as unnecessary ads, slow web pages, etc. Resetting Safari settings on your Mac will delete any malicious configuration injected by the malware.

Follow the steps to reset Safari settings to the Default:

  1. Launch the Finder window on Mac.
  2. Press the Option key and select the Go menu.
  3. Select the Library option from the drop-down menu.
    Go to Library File Finder
  4. Navigate to Library > Preferences folder.
  5. Delete com.apple.Safari.plist file from the preferences folder.
    Apple Safari Profile List Move to Trash

We have deleted the default configuration file. Just restart the Safari browser to regenerate the new configuration file we deleted. It should clear any malware injections.

Clear Cache and History

The cache is a temporary storage solution for the browser, which helps Safari load certain web pages faster. But if the malware is hiding in the cache files, it will create a problem even after you reset or delete your browsing history.

Furthermore, a filled cache memory may slow down your website performance, so clearing the browser cache every six months is a good practice. Here are the steps to clear browser data:

  1. Launch the Apple Safari browser.
  2. Click on the Safari menu and select the Preferences sub-menu.
  3. Switch to the Advanced tab.
  4. Enable the check box for the Show Develop menu in the menu bar.
    Show Develop menu in menubar on SafariIt will enable a new Develop menu in the Safari menu bar.
  5. Click on the Develop menu on the menu bar.
  6. Select Empty Caches from the drop-down menu.
    Empty Cache from Develop menu in Safari MacIt will clear and empty all the cache files stored within the Safari browser.
  7. Next, Click on the History menu on the menu bar.
  8. Click on the Clear History… option.
    Clear History command under History menubar in SafariIt will display a clear history dialog box on the screen.
  9. Choose a suitable Time Range and click the Clear History button.
    Clear History from Safari browser
info icon
Note: Choose the “All history” option for the best results. However, it will wipe out the complete browser history.

Delete Website Data

Website data comprise special features such as cookies and browsing or behavior patterns. These might also include your log-in sessions or other website identifiers.

If your browser is infected with malware, it can grab sensitive information via website data, so it is good to delete it. Here are the steps to delete Website data:

  1. Launch the Apple Safari browser.
  2. Click on the Safari menu and select the Preferences sub-menu.
  3. Switch to the Privacy tab, and click on the Manage Website Data… button.
    Manage Website Data option in Safari browserIt will open the stored website data and cache.
  4. Hit on the Remove All option.
    Remove Stored Data from the Safari browser
  5. Click on the Remove Now button.
    Remove all the data stored by websites from Safari browser

It will delete all the stored website data and cache files from the Safari browser.

Bottom Line

If you are lucky enough, the first method must work perfectly fine. However, if it fails to resolve your problem in the worst scenario, the second method will surely do the trick, but the only problem is you will lose all your saved data in the browser.

These methods are the most efficient ways to remove malware from Safari Mac and bring your browser back to its normal functioning state.

Let us know what has spelled out the success in removing the malware injected in the Safari browser. Also, anything else that you tried has worked in clearing the malware.

Lastly, if you've any thoughts or feedback on How to Remove Malware from Safari on Mac, then feel free to drop in below comment box. You can also report the outdated information.

Please share the article if you find it helpful:

Disclosure: This page may contain affiliate links, which means we may receive compensation for your purchases using our links; of course at no extra cost to you (indeed, you may get special discounts).
nv-author-image

Rahul Verma

Rahul is a Computer Science Engineer with a MBA degree. He is keenly interested in the field of tech and cryptocurrency. He has 6+ years of technical content writing experience, mainly experimenting with and troubleshooting computer and mobile operating systems. Connect him on LinkedIn.

Share us your thoughts and feedback

Your email address will not be published. Required fields are marked *