Malware

78 'Malware' stories May 2011 - February 2020

Comment: Mac malware is growing, but there are three important riders

Ben Lovejoy Feb 12 2020 - 5:33 am PT

Malwarebytes is out with a new report in which it states that Mac malware is growing faster than that for Windows.

For the first time ever, Macs outpaced Windows PCs in number of threats detected per endpoint […]

In total, we saw approximately 24 million Windows adware detections and 30 million Mac detections.

That’s getting a lot of headlines today, but there are three key things that need to be understood…

Expand
Expanding
Close

17 malware iPhone apps removed from App Store after evading Apple’s review

Ben Lovejoy Oct 25 2019 - 4:16 am PT

0 Comments

17 malware iPhone apps found in App Store

Apple has confirmed that 17 malware iPhone apps were removed from the App Store after successfully hiding from the company’s app review process.

The apps were all from a single developer but covered a wide range of areas, including a restaurant finder, internet radio, BMI calculator, video compressor, and GPS speedometer …

Expand
Expanding
Close

Mac
Malware

Latest Mac malware OSX/CrescentCore hides from security researchers

Ben Lovejoy Jul 1 2019 - 4:08 am PT

0 Comments

CrescentCore Mac malware hides from security researchers

No fewer than six examples of Mac malware were discovered last month, including one which exploits a vulnerability in macOS Gatekeeper. The latest example – dubbed OSX/CrescentCore – takes steps to hide from security researchers.

Security company Intego says it has found CrescentCore on multiple websites, posing as, you guessed it, a Flash Player updater …

Expand
Expanding
Close

macOS Gatekeeper vulnerability has now been exploited by adware company

Ben Lovejoy Jun 25 2019 - 5:35 am PT

0 Comments

macOS Gatekeeper vulnerability now being exploited

A macOS Gatekeeper vulnerability discovered by a security researcher last month has now been exploited in what appears to be a test by an adware company.

Gatekeeper is designed to ensure that Mac apps are legitimate by checking that the code has been signed by Apple. Any app failing that check shouldn’t be allowed to install without the user acknowledging the risk and granting explicit permission to proceed …

Expand
Expanding
Close

Microsoft Defender brings anti-virus protection to Mac, but limited business roll-out initially

Ben Lovejoy Mar 21 2019 - 6:06 am PT

0 Comments

Microsoft Defender begins limited Mac rollout

Microsoft is renaming its Windows Defender antivirus software to Microsoft Defender Advanced Threat Protection (ATP), and bringing it to macOS for the first time.

While Macs are significantly less vulnerable to malware than Windows machines, they are not immune. Examples include fake Flash Player installers and cryptocurrency-stealing browser exploits and apps …

Expand
Expanding
Close

CookieMiner Mac malware tries to steal your cryptocurrency – as well as mine more

Ben Lovejoy Jan 31 2019 - 6:38 am PT

0 Comments

CookieMiner is the latest Mac malware to be discovered. It’s highly targeted, using a clever technique to try to steal your cryptocurrency.

Discovered by security researchers from Palo Alto Networks’ Unit 42, it uses a two-fold attack method to obtain your login credentials and bypass two-factor authentication …

Expand
Expanding
Close

PSA: The CoinTicker Mac app contains malware, probably to steal cryptocurrency

Ben Lovejoy Oct 30 2018 - 4:34 am PT

0 Comments

CoinTicker, a Mac app that displays the current price of Bitcoin and other cryptocurrencies in your menu bar, has been found two contain two separate pieces of malware …

Expand
Expanding
Close

iPhone spyware maker mSpy exposes millions of private records, inc. passwords, messages

Ben Lovejoy Sep 6 2018 - 6:41 am PT

0 Comments

mSpy, a company which makes spyware used by suspicious parents and partners to spy on iPhone usage, has accidentally exposed millions of private records on the web. Data exposed includes passwords, text messages, contacts, call logs. notes and location data …

Expand
Expanding
Close

Ex-NSA staffer demonstrates malware bypassing security checks in High Sierra

Ben Lovejoy Aug 14 2018 - 4:36 am PT

0 Comments

Security research and former NSA staffer Patrick Wardle says that he will demonstrate on Sunday a set of automated attacks against macOS High Sierra, in which he is able to bypass security checks.

The checks are ones that ask the user to confirm that an app should be granted permission to do things like access contacts or location data …

Expand
Expanding
Close

Apple chip supplier TSMC admits downtime caused by unpatched Windows systems

Ben Lovejoy Aug 7 2018 - 5:34 am PT

0 Comments

TSMC, sole supplier of the A-series chips used in Apple’s iPhones and other devices, has admitted that the ultimate cause of its virus-induced downtime was the use of unpatched Windows systems …

Expand
Expanding
Close

PSA: Here’s how to check for – and remove – the Mac malware mshelper

Ben Lovejoy May 18 2018 - 4:36 am PT

0 Comments

If your Mac seems to be running at high fan rates or you’re seeing reduced battery-life for no apparent reason, you may want to check for some Mac malware that seems to be going around …

Expand
Expanding
Close

PSA: There’s a new fake Flash Player installer for Macs, and it’s nastier than usual

Ben Lovejoy Apr 25 2018 - 4:55 am PT

0 Comments

Macs are not immune to malware, but they are pretty well-protected. By default, macOS won’t allow unrecognized apps to be installed, and it needs the user to agree to override this. Even when they are installed, sandboxing limits the damage that can be done, which is why most Mac malware is actually adware – annoying but not damaging.

A common way for attackers to get malware onto a Mac is to disguise it as something else, to trick technically naive users into installing it. Fake installers for Adobe Flash Player are particularly favored, and Malwarebytes has found a variant that’s nastier than usual …

Expand
Expanding
Close

Mac malware discovered in the wild allows webcam photos, screenshots, key-logging

Ben Lovejoy Jul 25 2017 - 4:01 am PT

0 Comments

[UPDATE: Apple confirmed to us that any systems that are up to date, running El Capitan or later, are protected. We’ve also confirmed from those in the know that the issue has been fixed since around January and only affected older and out of date Macs.]

A security researcher has discovered a piece of Mac malware that allows an attacker to activate the webcam to take photos, take screenshots and capture keystrokes.

Synack researcher Patrick Wardle says that the malware has been infecting Macs for at least five years, and possibly even a decade …

Expand
Expanding
Close

Mac malware continues to grow, reports McAfee, but is again mostly adware

Ben Lovejoy Jun 23 2017 - 4:23 am PT

0 Comments

McAfee tells us that the growth in Mac malware seen last year has continued into this year, growing 53% in the first quarter alone. The total number of instances of malware detected has reached over 700,000.

As before, though, the headline number isn’t as alarming as it might appear …

Expand
Expanding
Close

PSA: Many major media players vulnerable to attack via malicious subtitles files [Video]

Ben Lovejoy May 24 2017 - 7:11 am PT

0 Comments

Security researchers have discovered a surprising new way for attackers to gain control of a machine: malicious subtitles. The vulnerability is device-independent, meaning it could be used to gain control of anything from an iPhone to a Mac.

Expand
Expanding
Close

Comment: The WannaCry attack should be a wake-up call for consumers, businesses and governments

Ben Lovejoy May 15 2017 - 5:12 am PT

0 Comments

The WannaCry ransomware attack may have been exploiting a vulnerability in Windows, but the lesson it provides – the importance of keeping both computers and mobile devices updated – is one applicable to all of us, Apple users included.

WannaCry itself targeted a vulnerability that had existed in Windows all the way through from XP to the latest Windows 10. Microsoft issued a patch to fix the issue for Windows Vista onwards back in March, but many organizations failed to update.

The scale of the attack – which caused widespread disruption around the world – should be a wake-up call to consumers, businesses and governments alike …

Expand
Expanding
Close

Windows backdoor malware disguises itself as Adobe Flash on macOS

Greg Barbosa May 5 2017 - 7:01 am PT

0 Comments

Snake Adobe Flash Player malware on macOS

A new piece of backdoor malware originally discovered on Windows has found a new home in macOS. Disguising itself as a legitimate Adobe Flash Player installer, the malware burrows into pre-existing macOS folders making it harder to spot. Having used a valid developer’s certificate, the malware was set to run free on macOS even with Gatekeeper enabled.

These certificates were created to help validate applications with Gatekeeper, but lately have been used to spread malicious software. This is the second reported malware incident in the past week using a valid certificate.

Expand
Expanding
Close

Nasty Mac malware bypasses Gatekeeper, undetectable by most antivirus apps

Ben Lovejoy Apr 28 2017 - 5:17 am PT

0 Comments

We learned recently that macOS malware grew by 744% last year, though most of it fell into the less-worrying category of adware. However, a newly-discovered piece of malware (via Reddit) falls into the ‘seriously nasty’ category – able to spy on all your Internet usage, including use of secure websites.

Security researchers at CheckPoint found something they’ve labelled OSX/Dok, which manages to go undetected by Gatekeeper and stops users doing anything on their Mac until they accept a fake OS X update …

Expand
Expanding
Close

Mac
Malware

Mac malware grew 744% in 2016, says McAfee report, but most of it is adware

Ben Lovejoy Apr 6 2017 - 4:15 am PT

0 Comments

The latest McAfee Threat Report shows that macOS malware grew by 744% in 2016, with around 460,000 instances detected. Behind the headline number, though, are a couple of reassuring facts.

First, while Mac malware is on the increase, it is almost a rounding error when viewed alongside Windows malware. All malware detected last year combined totalled more than 600M instances. Of this, around 15M examples were mobile malware – almost all of it Android …

Expand
Expanding
Close

Malwarebytes discovers new ‘Fruitfly’ malware running antiquated code on macOS

Greg Barbosa Jan 18 2017 - 7:32 am PT

0 Comments

The team over at Malwarebytes has recently discovered what they’re calling “the first Mac malware of 2017”. The Fruitfly malware has been using antiquated code to help it run undetected for quite some time on macOS systems. It has reportedly been used in targeted attacks at biomedical research institutions.

Expand
Expanding
Close

This month’s critical Flash vulnerability gives attackers control of a Mac …

Ben Lovejoy Oct 12 2016 - 7:09 am PT

0 Comments

adobe-flash-broken

We’re honestly running out of headlines for these things. In what has now become a routine announcement, Adobe has admitted that yet another critical vulnerability could allow an attacker to take complete control of a Mac, Windows, Linux or ChromeOS machine.

Expand
Expanding
Close

Comment: The Catch-22 position Apple is in regarding the iOS 9.3.5 security fix

Ben Lovejoy Aug 26 2016 - 7:26 am PT

0 Comments

ios-9-3-5

One of the major benefits of Apple’s ecosystem is that it’s a pretty secure environment. Take OS X (soon to be macOS). The first ever example of OS X ransomware seen in the wild was earlier this year, when it was major news. Other Mac malware exists, but it’s rare enough that individual examples make the news – and most of those require users to do something irresponsible, like install software from an unknown source.

Contrast that with Windows, where the BBC reported that the number of viruses, worms and trojans in circulation topped the one million mark as long ago as 2008. That may be somewhat exaggerated, but most sources agree that the number is in six figures.

iOS is an even more secure platform. Sure, if you jailbreak an iPhone, all bets are off, and there are ways to install sketchy apps on iOS devices using an enterprise certificate. But absent those two things, it wasn’t until this year that the first example of iOS malware was found …

Expand
Expanding
Close

Malware

Malwarebytes reports new OS X malware that could easily fool less technical users

Ben Lovejoy Aug 19 2016 - 6:50 am PT

0 Comments

mac-file-opener

No 9to5Mac reader is going to be at risk from malware that directs users to a scam website and asks them to download software, but Malwarebytes has discovered a previously unknown piece of Mac malware that could easily fool less technical users.

Thomas Reed, lead researcher at Malwarebytes, told us that he found the malware on a scam page hosted on the official Advanced Mac Cleaner website …

Expand
Expanding
Close

Malware

Stagefright-style vulnerability discovered in OS X and iOS, update for protection

Ben Lovejoy Jul 22 2016 - 4:10 am PT

0 Comments

maxresdefault

Security researchers last year discovered what they described as ‘the worst Android vulnerability ever,’ able to infect a phone with malware simply by sending an MMS message to it. The vulnerability, dubbed Stagefright, didn’t even require people to open the message for their phone to be infected.

A Cisco researcher has now discovered a similar vulnerability in OS X and iOS, that could allow an attacker to gain access to your stored passwords and files simply by sending you a malicious image file …

Expand
Expanding
Close