We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

Is Mac malware on the rise?

Posted on October 29th, 2015 at 3:25 PM EDT

Last week, Bit9 + Carbon Black released a paper stating that five times more malware for OS X has appeared in 2015 than during the previous five years combined.

Their findings are interesting, but are not well understood by many Mac users. Some have reacted with disbelief, others with great fear for this dangerous new future.

It turns out that the findings are completely true, but depend entirely on your definition of the word “malware.”

Read the full story on Malwarebytes Unpacked.

1 Comment

Bypassing Apple’s Gatekeeper

Posted on October 8th, 2015 at 5:15 PM EDT

Ever since Apple first introduced Gatekeeper, malware creators have been trying to find a way around it.

Many different pieces of malware have done so, but at the Virus Bulletin Conference in Prague, Patrick Wardle, a security researcher at Synack, presented his findings on some new and interesting ways to skirt Apple’s security.

Read the full story on Malwarebytes Unpacked.


XcodeGhost malware infiltrates App Store

Posted on September 21st, 2015 at 2:34 PM EDT

Late last week, Claud Xiao, a researcher at Palo Alto Networks, announced the discovery of new malware that he calls XcodeGhost. As the story has developed over the weekend, it turns out that this malware has infected at least 39 known iOS apps as of early this morning, all of which made it into the App Store.

Read the full story on Malwarebytes Unpacked.

This post is more than 30 days old and has been locked. No further comments are allowed.

Genieo installer tricks keychain

Posted on August 31st, 2015 at 12:51 PM EDT

Earlier this month, an adware installer was found to be taking advantage of the DYLD_PRINT_TO_FILE vulnerability in OS X.

Now Malwarebytes researcher Adam Thomas, who discovered that issue, has found a newer variant of this installer that’s pulling some new tricks.

Read the full story on Malwarebytes Unpacked.

This post is more than 30 days old and has been locked. No further comments are allowed.

DYLD_PRINT_TO_FILE exploit found in the wild

Posted on August 4th, 2015 at 9:47 AM EDT

Adam Thomas, a researcher at Malwarebytes, discovered a new adware installer yesterday that is using the DYLD_PRINT_TO_FILE exploit, discovered last month, to install itself with root privileges.

The full story can be found on Malwarebytes Unpacked.


Fake Safari update installs MacKeeper, ZipCloud

Posted on August 3rd, 2015 at 9:16 AM EDT

A couple weeks ago, we discovered a new version of the InstallCore installer that displays an unpleasant new trick: it pretends to be a Safari update!

The full story can be found on Malwarebytes Unpacked.

1 Comment

Privilege escalation vulnerability found in OS X

Posted on August 3rd, 2015 at 9:14 AM EDT

Security researcher Stefan Esser published the details of a vulnerability in OS X a few weeks ago that allows an attacker to gain root privileges.

The full story can be found on Malwarebytes Unpacked.

This post is more than 30 days old and has been locked. No further comments are allowed.

Introducing Malwarebytes Anti-Malware for Mac

Posted on July 15th, 2015 at 10:09 AM EDT

As faithful readers will know, my name is Thomas Reed, and I have been the sole owner of The Safe Mac and creator of the anti-adware program AdwareMedic for a few years now.

In March, I was contacted by Marcin Kleczynski, CEO of Malwarebytes, who expressed interest in the things I had been doing. The timing could not have been better, and I’m pleased to say that AdwareMedic and The Safe Mac are now owned by Malwarebytes, and I’m now the Director of Mac Offerings at Malwarebytes. Given the Malwarebytes philosophy of taking a hard stance against adware and PUPs (Potentially Unwanted Programs), and their commitment to offering free consumer versions of their products, the fit could not have been any better!

I’m excited to announce that, today, we’re rolling out our flagship Mac product: Malwarebytes Anti-Malware for Mac. This is an improved, but still largely familiar, update of AdwareMedic, and it will be free for all consumers. I’m even more excited when I think about plans for the future, which will include rounding out Malwarebytes’ offerings with other Mac products, providing features like efficient real-time protection, anti-exploit protection and enterprise-friendly capabilities.

I think that, together with Malwarebytes, we can make Mac anti-malware software better, and that’s going to be important in the years ahead!

I will also be continuing to write about Mac security issues, as part of a team of other great, award-winning writers, on the Malwarebytes Unpacked blog. Although I won’t be posting new content on The Safe Mac, it won’t be going away; it’s just changing form.

I’m looking forward to working with Malwarebytes to protect and educate Mac users. I hope you’ll join us!

To celebrate the launch of Malwarebytes Anti-Malware for Mac, we’re giving away a MacBook Air. You can enter here to win!


Is downloading from the developer’s site safe?

Posted on June 29th, 2015 at 9:16 AM EDT

You should only download software directly from the site of the developer who created the software. This has been a bit of standard advice given by security people like myself when trying to help people understand what to download and what not to download. It’s good advice, right? Well… mostly, but not entirely, unfortunately.
Read the rest of this entry »


Genieo changing its name?

Posted on June 19th, 2015 at 9:19 AM EDT

Earlier this month, I wrote about how new variants of the Genieo adware are proliferating. Now, however, it looks like Genieo may be changing its name. A new site, for an app called InKeepr, appears to be poised to take Genieo’s place, perhaps because of all the negative name recognition now associated with the Genieo name.
Read the rest of this entry »