Malware Stories July 6

Android and iPhone spyware sold by NSO Group enables state terror attacks in multiple countries, according to a new database released by Amnesty International and partner organizations.

NSO uses zero-day exploits to develop spyware for both iPhones and Android smartphones, allowing users to read text messages and emails, monitor contacts and calls, track locations, collect passwords, and even switch on the smartphone’s microphone to record meetings …

expand full story

Malware Stories March 17

A study looking at new malware found in the wild during 2020 says that threats developed for macOS saw a huge jump – almost 1,100% compared to 2019. But taken into context, that total was less than 1% of the new malware that was discovered for Windows in the same period.

expand full story

Malware Stories February 17

The first Apple Silicon Macs have been out for just a few months and a good portion of popular apps have been updated with native support for the M1 MacBook Air, Pro, and Mac mini. Not far behind, what looks like the first malware that’s been optimized for Apple Silicon has been found in the wild.

expand full story

Malware Stories October 20, 2020

The notorious GravityRAT spyware, which initially targeted Windows PCs, now also enable attacks against Macs and Android devices.

Remote Access Trojans (RATs) are so-called because they masquerade as legitimate apps (the Trojan part) and then permit the compromised machine to be accessed remotely …

expand full story

Malware Stories March 2, 2020

Security researcher and former NSA hacker Patrick Wardle has demonstrated a way to modify state-created Mac malware to run his own code instead of the payloads from the government servers.

The sophistication of the malware makes re-purposing it attractive to other attackers, including other governments …

expand full story

Malware Stories February 12, 2020

Malwarebytes is out with a new report in which it states that Mac malware is growing faster than that for Windows.

For the first time ever, Macs outpaced Windows PCs in number of threats detected per endpoint […]

In total, we saw approximately 24 million Windows adware detections and 30 million Mac detections.

That’s getting a lot of headlines today, but there are three key things that need to be understood…

expand full story

Malware Stories October 25, 2019

Apple has confirmed that 17 malware iPhone apps were removed from the App Store after successfully hiding from the company’s app review process.

The apps were all from a single developer but covered a wide range of areas, including a restaurant finder, internet radio, BMI calculator, video compressor, and GPS speedometer …

expand full story

Malware Stories July 1, 2019

No fewer than six examples of Mac malware were discovered last month, including one which exploits a vulnerability in macOS Gatekeeper. The latest example – dubbed OSX/CrescentCore – takes steps to hide from security researchers.

Security company Intego says it has found CrescentCore on multiple websites, posing as, you guessed it, a Flash Player updater …

expand full story

Malware Stories June 25, 2019

A macOS Gatekeeper vulnerability discovered by a security researcher last month has now been exploited in what appears to be a test by an adware company.

Gatekeeper is designed to ensure that Mac apps are legitimate by checking that the code has been signed by Apple. Any app failing that check shouldn’t be allowed to install without the user acknowledging the risk and granting explicit permission to proceed …

expand full story

Malware Stories March 21, 2019

Microsoft is renaming its Windows Defender antivirus software to Microsoft Defender Advanced Threat Protection (ATP), and bringing it to macOS for the first time.

While Macs are significantly less vulnerable to malware than Windows machines, they are not immune. Examples include fake Flash Player installers and cryptocurrency-stealing browser exploits and apps

expand full story

Malware Stories January 31, 2019

CookieMiner is the latest Mac malware to be discovered. It’s highly targeted, using a clever technique to try to steal your cryptocurrency.

Discovered by security researchers from Palo Alto Networks’ Unit 42, it uses a two-fold attack method to obtain your login credentials and bypass two-factor authentication …

expand full story

Malware Stories October 30, 2018

PSA: The CoinTicker Mac app contains malware, probably to steal cryptocurrency

CoinTicker, a Mac app that displays the current price of Bitcoin and other cryptocurrencies in your menu bar, has been found two contain two separate pieces of malware

Malware Stories September 6, 2018

iPhone spyware maker mSpy exposes millions of private records, inc. passwords, messages

mSpy, a company which makes spyware used by suspicious parents and partners to spy on iPhone usage, has accidentally exposed millions of private records on the web. Data exposed includes passwords, text messages, contacts, call logs. notes and location data …

Malware Stories August 14, 2018

Security research and former NSA staffer Patrick Wardle says that he will demonstrate on Sunday a set of automated attacks against macOS High Sierra, in which he is able to bypass security checks.

The checks are ones that ask the user to confirm that an app should be granted permission to do things like access contacts or location data …

expand full story

Malware Stories August 7, 2018

Apple chip supplier TSMC admits downtime caused by unpatched Windows systems

TSMC, sole supplier of the A-series chips used in Apple’s iPhones and other devices, has admitted that the ultimate cause of its virus-induced downtime was the use of unpatched Windows systems …

Malware Stories May 18, 2018

PSA: Here’s how to check for – and remove – the Mac malware mshelper

If your Mac seems to be running at high fan rates or you’re seeing reduced battery-life for no apparent reason, you may want to check for some Mac malware that seems to be going around …

Malware Stories April 25, 2018

Macs are not immune to malware, but they are pretty well-protected. By default, macOS won’t allow unrecognized apps to be installed, and it needs the user to agree to override this. Even when they are installed, sandboxing limits the damage that can be done, which is why most Mac malware is actually adware – annoying but not damaging.

A common way for attackers to get malware onto a Mac is to disguise it as something else, to trick technically naive users into installing it. Fake installers for Adobe Flash Player are particularly favored, and Malwarebytes has found a variant that’s nastier than usual …

expand full story

Malware Stories July 25, 2017

[UPDATE: Apple confirmed to us that any systems that are up to date, running El Capitan or later, are protected. We’ve also confirmed from those in the know that the issue has been fixed since around January and only affected older and out of date Macs.]

A security researcher has discovered a piece of Mac malware that allows an attacker to activate the webcam to take photos, take screenshots and capture keystrokes.

Synack researcher Patrick Wardle says that the malware has been infecting Macs for at least five years, and possibly even a decade …

expand full story

Malware Stories June 23, 2017

McAfee tells us that the growth in Mac malware seen last year has continued into this year, growing 53% in the first quarter alone. The total number of instances of malware detected has reached over 700,000.

As before, though, the headline number isn’t as alarming as it might appear …

expand full story

Malware Stories May 24, 2017

PSA: Many major media players vulnerable to attack via malicious subtitles files [Video]

Security researchers have discovered a surprising new way for attackers to gain control of a machine: malicious subtitles. The vulnerability is device-independent, meaning it could be used to gain control of anything from an iPhone to a Mac.

Malware Stories May 15, 2017

The WannaCry ransomware attack may have been exploiting a vulnerability in Windows, but the lesson it provides – the importance of keeping both computers and mobile devices updated – is one applicable to all of us, Apple users included.

WannaCry itself targeted a vulnerability that had existed in Windows all the way through from XP to the latest Windows 10. Microsoft issued a patch to fix the issue for Windows Vista onwards back in March, but many organizations failed to update.

The scale of the attack – which caused widespread disruption around the world – should be a wake-up call to consumers, businesses and governments alike …

expand full story

Malware Stories May 5, 2017

A new piece of backdoor malware originally discovered on Windows has found a new home in macOS. Disguising itself as a legitimate Adobe Flash Player installer, the malware burrows into pre-existing macOS folders making it harder to spot. Having used a valid developer’s certificate, the malware was set to run free on macOS even with Gatekeeper enabled.

These certificates were created to help validate applications with Gatekeeper, but lately have been used to spread malicious software. This is the second reported malware incident in the past week using a valid certificate.

expand full story

Malware Stories April 28, 2017

We learned recently that macOS malware grew by 744% last year, though most of it fell into the less-worrying category of adware. However, a newly-discovered piece of malware (via Reddit) falls into the ‘seriously nasty’ category – able to spy on all your Internet usage, including use of secure websites.

Security researchers at CheckPoint found something they’ve labelled OSX/Dok, which manages to go undetected by Gatekeeper and stops users doing anything on their Mac until they accept a fake OS X update …

expand full story

Malware Stories April 6, 2017

The latest McAfee Threat Report shows that macOS malware grew by 744% in 2016, with around 460,000 instances detected. Behind the headline number, though, are a couple of reassuring facts.

First, while Mac malware is on the increase, it is almost a rounding error when viewed alongside Windows malware. All malware detected last year combined totalled more than 600M instances. Of this, around 15M examples were mobile malware – almost all of it Android …

expand full story

Powered by WordPress VIP