OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

Hackers threaten to wipe Apple devices

Posted on March 23rd, 2017 at 1:08 PM EDT

According to a report from Motherboard, a group of hackers calling themselves “Turkish Crime Family” is threatening to remotely erase devices belonging to hundreds of millions of Apple customers. They will do this on April 7, they say, if Apple doesn’t pay them a ransom.

Read the full story on Malwarebytes Labs

Mac security facts and fallacies

Posted on March 9th, 2017 at 4:38 PM EDT

There are many Mac security myths circulating on forums, blogs and other places. So how can you tell if the advice you’re reading is fact or fallacy? Read on to find out!

Two new Mac backdoors discovered

Posted on March 1st, 2017 at 4:41 PM EDT

On Valentine’s Day, Mac users got a special “treat” in the form of new malware. Then, later that same week, there were signs of yet another piece of malware looming. These threats were overshadowed a bit by the discovery last week of the second ransomware app to ever appear on the Mac, but they’re still worthy of consideration.

Read the full story on Malwarebytes Labs

Decrypting after a Findzip ransomware infection

Posted on February 28th, 2017 at 11:24 AM EDT

The Findzip ransomware was discovered on February 22, 2017. At that time, it was thought that files would be irreversibly encrypted by this ransomware, with no chance of decryption. Turns out, that’s not quite true.

Read the full story on Malwarebytes Labs

New Mac ransomware on piracy sites

Posted on February 23rd, 2017 at 11:35 AM EDT

February has been a relatively busy month in the world of Mac malware, and now it has gotten busier with the appearance of the second piece of ransomware ever to affect macOS. Fortunately, this is quite poor ransomware that will only bite those who are doing something wrong in the first place. Nonetheless, it’s good enough to cause your day to go bad in a very big way if you get infected.

Read the full story on Malwarebytes Labs

Microsoft Office macro malware targets Macs

Posted on February 10th, 2017 at 11:25 AM EDT

Macro malware – commonly known as a “Word macro virus” – involves maliciously-crafted Microsoft Office documents containing Visual Basic macros. These things have been around for quite some time, but have mostly just been a nuisance to Mac users. Unfortunately, that has now changed.

Read the full story on Malwarebytes Labs

MacDownloader malware targeting defense industry

Posted on February 9th, 2017 at 11:48 AM EDT

Researchers Claudio Guarnieri and Collin Anderson recently discovered new Mac malware, which they have dubbed MacDownloader. They report that this malware appears to be the work of Iranian hackers and is targeting US defense contractors, such as Lockheed Martin, Sierra Nevada Corporation, Raytheon, and Boeing.

Read the full story on Malwarebytes Labs

New Mac backdoor using antiquated code

Posted on January 18th, 2017 at 10:16 AM EDT

The first Mac malware of 2017 was brought to my attention by an IT admin, who spotted some strange outgoing network traffic from a particular Mac. This led to the discovery of a piece of malware unlike anything I’ve seen before, which appears to have actually been in existence, undetected, for some time, and which seems to be targeting biomedical research centers.

Read the full story on Malwarebytes Labs

Updates

Posted on December 9th, 2016 at 3:51 PM EDT

I’ve fallen behind on keeping the posts on this site synced with the posts on the Malwarebytes blog. You can find the articles I’ve written that you might have missed here:

https://blog.malwarebytes.com/author/treed/

PCVARK plays dirty

Posted on August 19th, 2016 at 11:58 AM EDT

Recently, Jérôme Segura forwarded me a link to a fake virus scam page that seemed to be Mac-related. I began to look into it, and very quickly found myself in a deep rabbit-hole of Mac crapware, all from a major developer of Mac PUPs (potentially unwanted programs), PCVARK.

Read the full story on Malwarebytes Labs
