Malware
After the massive outbreak of the WannaCry malware that took down hospitals in the UK and spread around the world, we knew it was only a matter of time before similar attacks took place. With the recent outbreak of new ransomware, dubbed Petya, affecting computers in Ukraine and spreading to other countries, it’s a good time to take a step back and look at some hard facts about ransomware. What do Mac users need to know about this rising threat?
Who does ransomware affect?
Windows users are the ones who …
July 13, 2017 •
3 min read
Malware
With the popularity of both ransomware and the creation of macOS malware on the rise with hackers, Apple users face a growing number of threats. It now appears that others have turned their attention to the creation of new malware to spy on Mac users — but these programmers have gone a step further. Rather than developing a tool and deploying it personally, they have taken to the dark web to offer their products for sale. Known respectively as MacSpy and MacRansom, the hackers provide the malware to users …
June 29, 2017 •
3 min read
Malware
People with an extensive DVD or Blu-ray collection can enjoy a wide variety of media at home, but what happens when you want to take it with you? The simple solution is to “rip” your favorite DVDs to create digital media files you can play back on your MacBook, or perhaps store on your home media server. Many Mac users dabble with this. Most people use the popular software, HandBrake, to digitize their media. Unfortunately, hackers recently compromised one of HandBrake’s download servers. For four days, an unknown quantity …
May 30, 2017 •
3 min read
iOS
With the huge volume of ads displayed on sites across the Web today, it’s no surprise that bad actors view them as a window to reach vulnerable users. A new malvertising threat has appeared for iOS users. This time, it’s not about infecting your iOS devices directly — instead, it’s designed to coerce users into installing software that monitors and tracks their online activities. It does this by masquerading as a VPN, or virtual private network. VPNs are often useful for providing yourself with greater privacy protections while browsing …
April 17, 2017 •
3 min read
Malware
Though many of its now-famous hidden marketplaces have been taken down by law enforcement, the darknet continues to be a home for the web’s seediest characters. The latest item to hit the market and generate buzz isn’t an illegal substance — instead, it’s illegal software. Several outlets have reported that an anonymous darknet user is currently making attempts to sell an allegedly unreleased “remote administration tool,” or RAT, for Macs.
Dubbed “Proton,” when installed this software gives attackers full control over a user’s machine. That includes downloading more …
March 22, 2017 •
2 min read
macOS
A brand-new type of malware affecting Macs is in the wild, and this time there are definite signs of development in conjunction with a foreign nation. Designed (albeit rather poorly) to look like a Flash update, this malware, dubbed MacDownloader, is an unsophisticated attempt to glean user passwords. Uncovered by security researchers after the malware targeted major defense contractors, the program may feature amateurish code, but its threat is very real.
After fooling a user into downloading the false Flash update, the malware quickly goes to work profiling the …
February 17, 2017 •
2 min read
Malware
The latest item of Mac malware to be uncovered is actually not new at all; in fact, it may have been around for several years. Dubbed “Fruitfly” by Apple, this malware has some novel features. In particular, its function depends upon using both an outdated library from the late 90s, libjpeg, as well as pre-OS X system calls. Why the malware was designed to use outdated methods is unknown, but in the wake of the malware’s discovery, Apple promptly issued an update to XProtect to reduce the threat to users. …
January 31, 2017 •
2 min read
iPhone
Though the threat of computer viruses once lurked primarily in the domain of email attachments and suspicious file downloads, the current landscape is vastly different. Simply doing damage to a system and spreading a virus further is no longer the biggest threat. From spyware to any of the many flavors of malware, there are many new and evolving security issues facing computer systems globally. Ransomware continues its rise to prevalence as infections rise year over year, compromising more machines. Ransomware, a type of malware which locks down user access to …
September 16, 2016 •
3 min read
Mac OS X
Last year, the spyware developer Hacking Team seemed to go down in flames after a massive internal leak exposed the company’s dirty secrets for the world to see. Prior to that occurrence, the Milan-based firm had been in operation since 2003, selling products to governments, law enforcement, corporations, and other entities to help them spy on customers or private citizens. From monitoring emails to breaking encrypted communications, all the way to covertly activating webcams, Hacking Team traded in software that gleefully wrecked privacy rights and laundry lists of other …
March 14, 2016 •
3 min read
MacScan
Updated: February 12, 2014
OSX/CoinThief has been distributed under four different names so far: BitVanity, StealthBit, Bitcoin Ticker TTM, and Litecoin Ticker.
BitVanity and StealthBit were distributed on GitHub, while Bitcoin Ticker TTM and Litecoin Ticker were distributed on Download.com and MacUpdate.com. Both app names appear to have been taken from legitimate apps in the Mac App Store. The malicious payload was not found in Mac App Store copies of these apps.
When run, the malware installs a browser extension in Chrome, Safari, and Firefox, which will appear in those apps as "Pop-Up …
February 9, 2014 •
4 min read
MacScan
Malware: OSX/CoinThief.A
Date Discovered: February 9th, 2014
Updated: February 13, 2014
Added: Feb 13th 2014: Wednesday evening, Apple updated XProtect to defend against the two known variants of OSX/CoinThief.
SecureMac has more information on how the CoinThief malware is initially installed on infected systems, with steps it takes to disguise its behavior:
The malware is taking the place of the main binary in the trojanized versions of Bitcoin Ticker TTM and Litecoin Ticker, and is set up to run as an agent with a setting for LSUIElement in the Info.plist file. This makes it so …
February 9, 2014 •
6 min read
Adware
The links for many popular Mac apps on CNET’s download.com have been replaced with a “CNET installer” that installs toolbar adware and changes browser settings. This guide shows how to identify affected apps, how to avoid the toolbar installer, how to determine if it has been installed on your system, and how to remove it if so.
Adware can be a threat to user privacy, and is used to track a user’s browsing habits online. For example, the permissions for one of the Google Chrome extensions show what these toolbars can …
October 13, 2013 •
4 min read