Security researcher and former NSA hacker Patrick Wardle has demonstrated a way to modify state-created Mac malware to run his own code instead of the payloads from the government servers.
The sophistication of the malware makes re-purposing it attractive to other attackers, including other governments …
Apple has confirmed that 17 malware iPhone apps were removed from the App Store after successfully hiding from the company’s app review process.
The apps were all from a single developer but covered a wide range of areas, including a restaurant finder, internet radio, BMI calculator, video compressor, and GPS speedometer …
No fewer than six examples of Mac malware were discovered last month, including one which exploits a vulnerability in macOS Gatekeeper. The latest example – dubbed OSX/CrescentCore – takes steps to hide from security researchers.
Security company Intego says it has found CrescentCore on multiple websites, posing as, you guessed it, a Flash Player updater …
A macOS Gatekeeper vulnerability discovered by a security researcher last month has now been exploited in what appears to be a test by an adware company.
Gatekeeper is designed to ensure that Mac apps are legitimate by checking that the code has been signed by Apple. Any app failing that check shouldn’t be allowed to install without the user acknowledging the risk and granting explicit permission to proceed …
Microsoft is renaming its Windows Defender antivirus software to Microsoft Defender Advanced Threat Protection (ATP), and bringing it to macOS for the first time.
CookieMiner is the latest Mac malware to be discovered. It’s highly targeted, using a clever technique to try to steal your cryptocurrency.
Discovered by security researchers from Palo Alto Networks’ Unit 42, it uses a two-fold attack method to obtain your login credentials and bypass two-factor authentication …
CoinTicker, a Mac app that displays the current price of Bitcoin and other cryptocurrencies in your menu bar, has been found to contain two separate pieces of malware …
mSpy, a company which makes spyware used by suspicious parents and partners to spy on iPhone usage, has accidentally exposed millions of private records on the web. Data exposed includes passwords, text messages, contacts, call logs, notes and location data …
Security researcher and former NSA staffer Patrick Wardle says that he will demonstrate on Sunday a set of automated attacks against macOS High Sierra, in which he is able to bypass security checks.
The checks are ones that ask the user to confirm that an app should be granted permission to do things like access contacts or location data …
TSMC, sole supplier of the A-series chips used in Apple’s iPhones and other devices, has admitted that the ultimate cause of its virus-induced downtime was the use of unpatched Windows systems …
If your Mac seems to be running at high fan rates or you’re seeing reduced battery-life for no apparent reason, you may want to check for some Mac malware that seems to be going around …
Macs are not immune to malware, but they are pretty well-protected. By default, macOS won’t allow unrecognized apps to be installed, and it needs the user to agree to override this. Even when they are installed, sandboxing limits the damage that can be done, which is why most Mac malware is actually adware – annoying but not damaging.
A common way for attackers to get malware onto a Mac is to disguise it as something else, to trick technically naive users into installing it. Fake installers for Adobe Flash Player are particularly favored, and Malwarebytes has found a variant that’s nastier than usual …
[UPDATE: Apple confirmed to us that any systems that are up to date, running El Capitan or later, are protected. We’ve also confirmed from those in the know that the issue has been fixed since around January and only affected older and out of date Macs.]
A security researcher has discovered a piece of Mac malware that allows an attacker to activate the webcam to take photos, take screenshots and capture keystrokes.
Synack researcher Patrick Wardle says that the malware has been infecting Macs for at least five years, and possibly even a decade …
McAfee tells us that the growth in Mac malware seen last year has continued into this year, growing 53% in the first quarter alone. The total number of instances of malware detected has reached over 700,000.
As before, though, the headline number isn’t as alarming as it might appear …
Security researchers have discovered a surprising new way for attackers to gain control of a machine: malicious subtitles. The vulnerability is device-independent, meaning it could be used to gain control of anything from an iPhone to a Mac.
The WannaCry ransomware attack may have been exploiting a vulnerability in Windows, but the lesson it provides – the importance of keeping both computers and mobile devices updated – is one applicable to all of us, Apple users included.
WannaCry itself targeted a vulnerability that had existed in Windows all the way through from XP to the latest Windows 10. Microsoft issued a patch to fix the issue for Windows Vista onwards back in March, but many organizations failed to update.
The scale of the attack – which caused widespread disruption around the world – should be a wake-up call to consumers, businesses and governments alike …
A new piece of backdoor malware originally discovered on Windows has found a new home in macOS. Disguising itself as a legitimate Adobe Flash Player installer, the malware burrows into pre-existing macOS folders making it harder to spot. Having used a valid developer’s certificate, the malware was set to run free on macOS even with Gatekeeper enabled.
These certificates were created to help validate applications with Gatekeeper, but lately have been used to spread malicious software. This is the second reported malware incident in the past week using a valid certificate.
We learned recently that macOS malware grew by 744% last year, though most of it fell into the less-worrying category of adware. However, a newly-discovered piece of malware (via Reddit) falls into the ‘seriously nasty’ category – able to spy on all your Internet usage, including use of secure websites.
Security researchers at CheckPoint found something they’ve labelled OSX/Dok, which manages to go undetected by Gatekeeper and stops users doing anything on their Mac until they accept a fake OS X update …
The latest McAfee Threat Report shows that macOS malware grew by 744% in 2016, with around 460,000 instances detected. Behind the headline number, though, are a couple of reassuring facts.
First, while Mac malware is on the increase, it is almost a rounding error when viewed alongside Windows malware. All malware detected last year combined totalled more than 600M instances. Of this, around 15M examples were mobile malware – almost all of it Android …
The team over at Malwarebytes has recently discovered what they’re calling “the first Mac malware of 2017”. The Fruitfly malware has been using antiquated code to help it run undetected for quite some time on macOS systems. It has reportedly been used in targeted attacks at biomedical research institutions.
We’re honestly running out of headlines for these things. In what has now become a routine announcement, Adobe has admitted that yet another critical vulnerability could allow an attacker to take complete control of a Mac, Windows, Linux or ChromeOS machine.
One of the major benefits of Apple’s ecosystem is that it’s a pretty secure environment. Take OS X (soon to be macOS). The first ever example of OS X ransomware seen in the wild was earlier this year, when it was major news. Other Mac malware exists, but it’s rare enough that individual examples make the news – and most of those require users to do something irresponsible, like install software from an unknown source.
Contrast that with Windows, where the BBC reported that the number of viruses, worms and trojans in circulation topped the one million mark as long ago as 2008. That may be somewhat exaggerated, but most sources agree that the number is in six figures.
iOS is an even more secure platform. Sure, if you jailbreak an iPhone, all bets are off, and there are ways to install sketchy apps on iOS devices using an enterprise certificate. But absent those two things, it wasn’t until this year that the first example of iOS malware was found …
No 9to5Mac reader is going to be at risk from malware that directs users to a scam website and asks them to download software, but Malwarebytes has discovered a previously unknown piece of Mac malware that could easily fool less technical users.
Thomas Reed, lead researcher at Malwarebytes, told us that he found the malware on a scam page hosted on the official Advanced Mac Cleaner website …