UpdateAgent Mac Malware

If your Mac is infected with UpdateAgent Mac malware, you can use MacKeeper’s Antivirus to detect and remove it safely and efficiently.

Download MacKeeper

System Requirements: macOS 10.11 or later

More than 60 Million Downloads

AV-TEST certified

Notarized by Apple

AV-TEST is an independent lab that checks the effectiveness of antivirus apps against real malware samples.

The notarization by Apple is a security measure to check if software is free from malicious components.

Trustpilot is an independent digital platform that hosts insightful and honest consumer reviews.

Written By Yana Khodun

Updated: March 28, 2026

In this article you will find the following:

UpdateAgent is a great example of the digital arms race between technology companies and cybercriminals, in which they’re constantly trying to outdo each other. In fact, it’s a Mac malware threat that has evolved over the years, adding new ways to target users and get around macOS security.

But how does it work? And, more importantly, how do you remove UpdateAgent from Mac systems? In this article, we’ll examine this virus in detail and show you what to do if you’re infected.

A note from our experts:

There are a few tips to help you detect the UpdateAgent virus on your Mac. You can find them in our guide below. MacKeeper’s Antivirus will do this for you. Our tool removes threats from your Mac and protects your device from malicious files 24/7.

Here’s how to run an on-demand scan:
Open MacKeeper, and select Antivirus from the menu bar.
Click Start Scan.
When the scan is finished, select anything suspicious and click Move to Quarantine.
Step 1. MacKeeper > Antivirus > Start Scan
Step 2. Remove any detected threats
That’s all it takes to check your Mac for malware. Plus, MacKeeper is packed with other useful security, privacy, and optimization tools. Give it a try and see for yourself.

How to detect UpdateAgent on a Mac

Like a lot of viruses, the UpdateAgent Mac malware doesn’t want to be found too easily. If your Mac is infected, though, there are a few telltale signs you might notice:

A sudden increase in intrusive ads when browsing the web
Your web browser redirects you to different sites or search engines than you expect
An unexplained change to your browser home page
Websites display incorrectly or look different from normal.

Our pro-tip:

You can also detect UpdateAgent with antivirus software like MacKeeper. Read our guide on how to check for malware on Mac for more information.

How to remove UpdateAgent virus

Getting rid of the virus UpdateAgent manually is easier said than done. Its ability to hide and create launch agent entries makes it tricky to pin down.

Here are a few basic steps you can take to try to remove UpdateAgent:

Delete unwanted apps: Check through your Applications folder for apps you didn’t install, pirated apps, or apps from untrusted developers
Remove LaunchAgents: In Finder, click Go > Go to Folder in the menu bar, and type ~/Library/LaunchAgents. Look through this folder and delete anything suspicious. Do the same for ~/Library/LaunchDaemons
Delete rogue browser add-ons: Check your web browser for any dodgy-looking extensions. You’ll usually find your installed add-ons in your browser settings, which you can access from your menu bar.

Unfortunately, these actions alone are unlikely to remove UpdateAgent. The best way to get rid of malware on Mac is with antivirus software like MacKeeper. This will allow you to carry out a complete scan of your computer and automatically detect viruses.

In your Applications folder, you may see apps that you didn't install. Remove these, along with any pirated or cracked apps, which may cause issues. — **Step 1. Check your Applications folder for unwanted apps**

UpdateAgent can install entries in your LaunchAgents and LaunchDaemons folders, making it harder to remove. Check them for anything suspicious. — **Step 2. Check your LaunchAgents and LaunchDaemons folders**

Check your web browser extensions for anything suspicious, which you should remove. You can normally get to the settings using the menu bar. — **Step 3. Make sure you don't have any rogue browser add-ons installed**

How to protect your Mac from UpdateAgent infection

Rather than trying to remove UpdateAgent from your Mac, it’s better to prevent it from ever getting infected in the first place. Let’s move to the best ways to do that.

Download from safe sources

UpdateAgent is usually hidden in what appears to be legitimate software. However, you can reduce your risk of infection by sticking to safe, trusted sources of software.

The safest option is to only download from the Mac App Store. If you’re downloading from external sources, try to stick to the official websites of trusted companies.

Use licensed software

Avoid pirated software or cracks for legitimate apps. These are very often loaded with malware.

Also, pay attention to warnings from your Mac. If you see a message that says macOS cannot verify that this app is free from malware, that’s a good sign to stop what you’re doing.

Update your Mac

Keeping your Mac up to date is an essential part of making it secure. As well as updating macOS, you also need to update your third-party apps.

Here’s how to check for macOS updates:

In System Settings, select General > Software Update
If automatic updates are enabled, macOS will search for and install updates
Once updates are installed, you may need to restart your Mac afterwards.

In macOS System Settings, scroll down and click — **Step 1. In System Settings, go to General > Software Update**

The automatic update settings in macOS System Settings. Changing these will determine how macOS treats updates for first-party software. — **Step 2. You can check and tweak your automatic update settings**

Some macOS updates require you to restart your Mac to apply the update. If you see a — **Step 3. Apply updates and restart if necessary**

Install antivirus

Antivirus software makes malware removal easy, especially if it offers real-time protection. This will constantly check your Mac for changes and new apps, alerting you of suspicious activity and blocking rogue software.

Here’s how to use real-time antivirus in MacKeeper:

In MacKeeper, select Antivirus from the sidebar. You should see that Real-time protection is enabled in the center of the MacKeeper. If not, click the Enable button
You can also tweak this feature. Select MacKeeper > Settings from the menu bar
In the Antivirus section, choose whether you want MacKeeper to automatically quarantine suspicious files or notify you first.

For extra protection, our experts highly encourage you to run on-demand scans in the MacKeeper’s app.

In MacKeeper, you have a series of tools in the sidebar on the left. Click — **Step 1. Select Antivirus in MacKeeper**

You can tweak MacKeeper's real-time protection in the settings, which you can reach by selecting MacKeeper > Settings from the menu bar. — **Step 2. Select MacKeeper > Settings from the menu bar**

In MacKeeper's settings, you can choose whether infected items are automatically moved to quarantine or if you're to be notified first. — **Step 3. Choose to automatically move infected items to quarantine or to notify you first**

What is UpdateAgent?

UpdateAgent is malware designed to target computers running macOS. To be specific, it’s a trojan, meaning it’s usually disguised as or hidden in legitimate software.

The most common ways to get infected with UpdateAgent are:

Drive-by downloads
Rogue ads and pop-ups
Email attachments
Pirated software or cracks.

What does UpdateAgent do?

Microsoft has been tracking this malware for several years. One of UpdateAgent’s most interesting—and worrying—traits is that it’s been updated over time with new features.

To date, these are some of the things UpdateAgent can do to systems it infects:

Gathering information from the Mac and sending it back to the hackers
Downloading and installing other software and malware, often hosted on public cloud servers
Bypassing the Gatekeeper security feature built into macOS
Hiding and preventing itself from being deleted
Creating LaunchAgent and LaunchDaemon folders to make removal harder
Running system commands with admin permissions.

So far, UpdateAgent has mainly been used to install Adload, which targets Mac users with ads, generating revenue for the hackers. However, at any time, this malware could deliver more dangerous payloads.

Is UpdateAgent malware dangerous?

In short, yes. UpdateAgent’s ability to give itself elevated permissions and install more malware is particularly concerning. Normally, Gatekeeper prevents unauthorized apps from running on your system, but UpdateAgent can stop Gatekeeper’s warnings from appearing.

The fact UpdateAgent is still being worked on and upgraded makes it even more dangerous. We can only guess what its creators might prepare for Mac users in future.

Make your Mac a fortress

It’s vital to take Mac malware seriously, because the biggest gift you can give cybercriminals is apathy. So, our key advice for you is be proactive. Follow best practice tips for cybersecurity, like using strong passwords and avoiding email attachments from unknown senders.

And, of course, use antivirus software. With MacKeeper’s Antivirus, you can not only detect and delete threats like UpdateAgent but also prevent them from ever taking hold in the first place.

Use your Mac to the fullest! Sign up and get:

Effective tips on how to fix Mac issues

Reliable advice on how to stay safe online

Mac-world news and updates

Send me exclusive offers and Mac tips

Thank you!

You’ll love exploring your Mac with us.

Oops, something went wrong.

Try again or reload a page.