Malware

Ever wonder what malware can your Mac detect and remove without any third-party software? Recently, security researchers have correlated some bizarre macOS YARA rules used by the built-in XProtect suite with their public names. Here’s what malware it looks for…

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Security researchers at Moonlock, the relatively new cybersecurity wing of MacPaw, have detected a new strain of macOS malware disguised as a legitimate Mac app that can destroy itself in certain conditions. At its worst, it can unknowingly extract cookies from Safari and Chrome, contacts from Address Book, and passwords from installed password managers. Meet Empire Transfer…

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Security researchers have detected a new strain of malware hidden in some commonly pirated macOS applications. Once installed, the apps unknowingly execute trojan-like malware in the background of a user’s Mac. What happens from here is nothing good…

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Macs are more protected from malicious software like viruses, Trojans, adware, etc. than Windows and Linux. However, they aren’t immune, and more and more malware is being designed specifically for Mac. Whether you just want to do a checkup or think your (or someone else’s) machine might be affected, here’s a look at 6 valuable malware/virus scanner Mac tools including free and paid options.

Security researchers have pulled the curtain back on what appears to be a variant of the infamous RustBucket malware that targets macOS systems. What was first detected earlier in April, a new report from Jamf Threat Labs highlights how this attack continues to evolve and who its potential targets may be.

Following its 2023 State of Malware report back in February, Malwarebytes is out with its yearly State of Ransomware study. As attacks continue to grow, the US saw 7 times more ransomware incidents than the second most attacked country. Here are the details of what the report found.

Back in March, we saw a piece of malware surface for macOS called MacStealer that’s able to compromise iCloud Keychain passwords, credit card information, files, and more. Now a new malware called Atomic macOS Stealer is being sold as a service to malicious parties that may be more threatening.

So far this year we’ve seen a few reports about malware that’s affecting Macs. Now Elastic Security Labs has released its spring 2023 Global Threat Report. It offers a big-picture look at the state of malware including how often it’s impacting Mac vs Windows and Linux, the most common malware overall, the most common malware on Mac, and more.

Security researchers have identified a new piece of Mac malware, which they’ve dubbed MacStealer. The malware extracts your iCloud passwords, a wide variety of files, and credit card details stored in browsers.

The good news, however, is that you’d have to be very naive to fall victim to it …

Update: Apple has now commented on the findings – see the end of the piece.

Cybersecurity company Jamf Threat Labs has found Mac cryptomining malware in pirate copies of Final Cut Pro. The firm says that the cryptojacking malware was particularly well hidden, and not detected by most Mac security apps.

Jamf also warned that the power of Apple Silicon Macs is going to make them increasingly popular targets for cryptojacking – where malware uses your machine’s considerable processing power to mine cryptocurrencies for the benefit of attackers …

Malwarebytes has released its latest report digging into the state of malware in 2023. The findings include recent key security developments, 5 cyber threat archetypes to watch out for this year, what type of malware was found most on Macs, and more.

A nasty piece of Mac malware is being actively used in the wild to capture personal data from Macs. Security researchers say that CloudMensis spyware can allow an attacker to download files, capture keystrokes, take screengrabs, and more.

Cybersecurity firm ESET says that the spyware has been in active use since February, and appears to be targeting specific individuals …

Security researchers have released details of DazzleSpy – Mac malware that enabled key-logging, screen captures, microphone access, and more.

DazzleSpy was used to target Hong Kong democracy activists, initially through a fake pro-democracy website, and later through a real one, in a so-called watering hole attack …

Apple paid a bug bounty of $100K after a cyber security student who successfully hijacked the iPhone camera back in 2019 did the same with the Mac camera.

Ryan Pickren used an imaginative approach that allowed him to run arbitrary code on a target Mac, and received what he believes to be the largest bug bounty Apple has ever paid …

We may still be waiting for some developers to update their apps to run natively on M1 Macs, but the developer of SysJoker Mac malware is already on the case.

Security researcher Patrick Wardle points to what he says is the first Mac malware of 2022, and it runs on both Intel and M1 Macs. SysJoker can be controlled remotely by an attacker, allowing it to be used in many different ways …

Android and iPhone spyware sold by NSO Group enables state terror attacks in multiple countries, according to a new database released by Amnesty International and partner organizations.

NSO uses zero-day exploits to develop spyware for both iPhones and Android smartphones, allowing users to read text messages and emails, monitor contacts and calls, track locations, collect passwords, and even switch on the smartphone’s microphone to record meetings …

A study looking at new malware found in the wild during 2020 says that threats developed for macOS saw a huge jump – almost 1,100% compared to 2019. But taken into context, that total was less than 1% of the new malware that was discovered for Windows in the same period.

The first Apple Silicon Macs have been out for just a few months and a good portion of popular apps have been updated with native support for the M1 MacBook Air, Pro, and Mac mini. Not far behind, what looks like the first malware that’s been optimized for Apple Silicon has been found in the wild.

The notorious GravityRAT spyware, which initially targeted Windows PCs, now also enable attacks against Macs and Android devices.

Remote Access Trojans (RATs) are so-called because they masquerade as legitimate apps (the Trojan part) and then permit the compromised machine to be accessed remotely …

Security researcher and former NSA hacker Patrick Wardle has demonstrated a way to modify state-created Mac malware to run his own code instead of the payloads from the government servers.

The sophistication of the malware makes re-purposing it attractive to other attackers, including other governments …

Expand
Expanding
Close