Malware Stories July 20

A nasty piece of Mac malware is being actively used in the wild to capture personal data from Macs. Security researchers say that CloudMensis spyware can allow an attacker to download files, capture keystrokes, take screengrabs, and more.

Cybersecurity firm ESET says that the spyware has been in active use since February, and appears to be targeting specific individuals …

Malware Stories January 27

Security researchers have released details of DazzleSpy – Mac malware that enabled key-logging, screen captures, microphone access, and more.

DazzleSpy was used to target Hong Kong democracy activists, initially through a fake pro-democracy website, and later through a real one, in a so-called watering hole attack …

Malware Stories January 26

Apple paid a bug bounty of $100K after a cyber security student who successfully hijacked the iPhone camera back in 2019 did the same with the Mac camera.

Ryan Pickren used an imaginative approach that allowed him to run arbitrary code on a target Mac, and received what he believes to be the largest bug bounty Apple has ever paid …

Malware Stories January 24

UK’s National Cyber Security Centre offers advice to companies

The US National Counterintelligence and Security Center (NCSC) recently offered advice to individuals on protecting themselves from cyberattacks, and the UK’s National Cyber Security Centre (also NCSC!) has now done the same for businesses …

Malware Stories January 19

We may still be waiting for some developers to update their apps to run natively on M1 Macs, but the developer of SysJoker Mac malware is already on the case.

Security researcher Patrick Wardle points to what he says is the first Mac malware of 2022, and it runs on both Intel and M1 Macs. SysJoker can be controlled remotely by an attacker, allowing it to be used in many different ways …

Malware Stories July 6, 2021

Android and iPhone spyware sold by NSO Group enables state terror attacks in multiple countries, according to a new database released by Amnesty International and partner organizations.

NSO uses zero-day exploits to develop spyware for both iPhones and Android smartphones, allowing users to read text messages and emails, monitor contacts and calls, track locations, collect passwords, and even switch on the smartphone’s microphone to record meetings …

Malware Stories March 17, 2021

A study looking at new malware found in the wild during 2020 says that threats developed for macOS saw a huge jump – almost 1,100% compared to 2019. But taken in context, that total was less than 1% of the new malware that was discovered for Windows in the same period.

Malware Stories February 17, 2021

The first Apple Silicon Macs have been out for just a few months and a good portion of popular apps have been updated with native support for the M1 MacBook Air, Pro, and Mac mini. Not far behind, what looks like the first malware that’s been optimized for Apple Silicon has been found in the wild.

Malware Stories October 20, 2020

The notorious GravityRAT spyware, which initially targeted Windows PCs, now also enables attacks against Macs and Android devices.

Remote Access Trojans (RATs) are so-called because they masquerade as legitimate apps (the Trojan part) and then permit the compromised machine to be accessed remotely …

Malware Stories March 2, 2020

Security researcher and former NSA hacker Patrick Wardle has demonstrated a way to modify state-created Mac malware to run his own code instead of the payloads from the government servers.

The sophistication of the malware makes re-purposing it attractive to other attackers, including other governments …

Malware Stories February 12, 2020

Malwarebytes is out with a new report in which it states that Mac malware is growing faster than that for Windows.

For the first time ever, Macs outpaced Windows PCs in number of threats detected per endpoint […]

In total, we saw approximately 24 million Windows adware detections and 30 million Mac detections.

That’s getting a lot of headlines today, but there are three key things that need to be understood…

Malware Stories October 25, 2019

Apple has confirmed that 17 malware iPhone apps were removed from the App Store after successfully hiding from the company’s app review process.

The apps were all from a single developer but covered a wide range of areas, including a restaurant finder, internet radio, BMI calculator, video compressor, and GPS speedometer …

Malware Stories July 1, 2019

No fewer than six examples of Mac malware were discovered last month, including one which exploits a vulnerability in macOS Gatekeeper. The latest example – dubbed OSX/CrescentCore – takes steps to hide from security researchers.

Security company Intego says it has found CrescentCore on multiple websites, posing as, you guessed it, a Flash Player updater …

Malware Stories June 25, 2019

A macOS Gatekeeper vulnerability discovered by a security researcher last month has now been exploited in what appears to be a test by an adware company.

Gatekeeper is designed to ensure that Mac apps are legitimate by checking that the code has been signed by Apple. Any app failing that check shouldn’t be allowed to install without the user acknowledging the risk and granting explicit permission to proceed …

Malware Stories March 21, 2019

Microsoft is renaming its Windows Defender antivirus software to Microsoft Defender Advanced Threat Protection (ATP), and bringing it to macOS for the first time.

While Macs are significantly less vulnerable to malware than Windows machines, they are not immune. Examples include fake Flash Player installers and cryptocurrency-stealing browser exploits and apps

Malware Stories January 31, 2019

CookieMiner is the latest Mac malware to be discovered. It’s highly targeted, using a clever technique to try to steal your cryptocurrency.

Discovered by security researchers from Palo Alto Networks’ Unit 42, it uses a two-fold attack method to obtain your login credentials and bypass two-factor authentication …

Malware Stories October 30, 2018

PSA: The CoinTicker Mac app contains malware, probably to steal cryptocurrency

CoinTicker, a Mac app that displays the current price of Bitcoin and other cryptocurrencies in your menu bar, has been found to contain two separate pieces of malware

Malware Stories September 6, 2018

iPhone spyware maker mSpy exposes millions of private records, inc. passwords, messages

mSpy, a company which makes spyware used by suspicious parents and partners to spy on iPhone usage, has accidentally exposed millions of private records on the web. Data exposed includes passwords, text messages, contacts, call logs, notes and location data …

Malware Stories August 14, 2018

Security researcher and former NSA staffer Patrick Wardle says that he will demonstrate on Sunday a set of automated attacks against macOS High Sierra, in which he is able to bypass security checks.

The checks are ones that ask the user to confirm that an app should be granted permission to do things like access contacts or location data …

Malware Stories August 7, 2018

Apple chip supplier TSMC admits downtime caused by unpatched Windows systems

TSMC, sole supplier of the A-series chips used in Apple’s iPhones and other devices, has admitted that the ultimate cause of its virus-induced downtime was the use of unpatched Windows systems …

Malware Stories May 18, 2018

PSA: Here’s how to check for – and remove – the Mac malware mshelper

If your Mac seems to be running at high fan rates or you’re seeing reduced battery-life for no apparent reason, you may want to check for some Mac malware that seems to be going around …

Malware Stories April 25, 2018

Macs are not immune to malware, but they are pretty well-protected. By default, macOS won’t allow unrecognized apps to be installed, and it needs the user to agree to override this. Even when they are installed, sandboxing limits the damage that can be done, which is why most Mac malware is actually adware – annoying but not damaging.

A common way for attackers to get malware onto a Mac is to disguise it as something else, to trick technically naive users into installing it. Fake installers for Adobe Flash Player are particularly favored, and Malwarebytes has found a variant that’s nastier than usual …

Malware Stories July 25, 2017

[UPDATE: Apple confirmed to us that any systems that are up to date, running El Capitan or later, are protected. We’ve also confirmed from those in the know that the issue has been fixed since around January and only affected older and out of date Macs.]

A security researcher has discovered a piece of Mac malware that allows an attacker to activate the webcam to take photos, take screenshots and capture keystrokes.

Synack researcher Patrick Wardle says that the malware has been infecting Macs for at least five years, and possibly even a decade …

Malware Stories June 23, 2017

McAfee tells us that the growth in Mac malware seen last year has continued into this year, growing 53% in the first quarter alone. The total number of instances of malware detected has reached over 700,000.

As before, though, the headline number isn’t as alarming as it might appear …
