OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

The unchecked growth of Mac adware

Posted on August 18th, 2014 at 2:40 PM EDT

Adware was unheard of on the Mac just a couple years ago. The first Mac adware appeared in 2012, and it was the only one to appear that year. Since then, adware has seen an exponential rise that promises to bring the Mac down to the same state as Windows, where adware infections are very common. Most people just want to know how to get rid of adware, but the questions we need to be asking are what is causing this sudden growth, and why is it being allowed to grow unchecked?

Russian iCloud hackers arrested

Posted on June 9th, 2014 at 9:03 PM EDT

A couple weeks ago, a number of iOS users in Australia and New Zealand had their devices locked with a ransom message, by hackers who had gained access to the victims’ iCloud accounts through still-unknown means. Today, Russia’s Ministry of Internal Affairs announced that two hackers had been arrested for iCloud hacking. Just as there was much bad reporting of the Aussie hack by mainstream tech press, the inaccurate reports about these arrests have already begun.

Beware of phishing attacks

Posted on April 14th, 2014 at 8:30 PM EDT

An opportunity fell right into my lap this evening to remind everyone about the dangers of phishing. Pretty much everyone with an electronic device has at least one online account of some kind. Most people have many accounts, often so many that they have lost track of some of the less important ones. This means that everyone is at risk of receiving some kind of phishing e-mail at some point.

Missing malware added to XProtect

Posted on March 14th, 2014 at 9:47 AM EDT

Last week, I wrote about a number of malware samples I had discovered that were not detected by XProtect. Immediately after posting that article, I submitted those samples to Apple. Yesterday, they were finally added to XProtect, when XProtect was updated to version 2046. This, and other developments over the past week, are both encouraging and upsetting, for a variety of reasons.

Time to re-evaluate safety of Mac OS X

Posted on March 5th, 2014 at 11:07 AM EDT

My Mac Malware Guide has, for some time, made the claim that a properly up-to-date Mac OS X system cannot be infected by any known malware. This was true at one point, with some provisos, when that text was originally written. However, recent cases of malware that has failed to be blocked by the XProtect anti-malware system in Mac OS X prompted me to do a re-evaluation of this statement. What I found was profoundly disappointing, leaving me wishing that I could take those words back.

Apple introduces two-factor authentication

Posted on April 2nd, 2013 at 3:34 PM EDT

Back in August of last year, a journalist named Mat Honan had his Apple ID hacked, allowing the hackers to remotely wipe all his devices and trash all his iCloud data. Two weeks ago, Apple introduced a new two-factor authentication method for Apple IDs that would prevent future use of the technique used against Mr. Honan. Before you jump in and start using it, though, you’ll need to understand the advantages and disadvantages of doing so.

Beware of fake tech support

Posted on March 7th, 2013 at 8:00 AM EDT

Right in line with yesterday’s theme involving trust, I have been reminded of yet another trust issue. When you call tech support for a particular product, your goal is probably to talk to an official representative of the company that makes that product. If you want support for an Apple device, you’re going to call Apple’s tech support, right? Unfortunately, a couple times in the last two weeks, I have seen people fooled into calling a company that is pretending to offer official Apple support.

Mysterious new malware takes down multiple companies

Posted on February 19th, 2013 at 5:47 PM EDT

This has been quite an interesting month in security news. Multiple major companies have been hacked, including Apple themselves, and there are rumors of yet another new bit of malware for the Mac. Yet all is still rather unclear. Is this all related? It’s probably too soon to say for sure, but I am guessing that it may be.

Apple and Mozilla act fast to secure Java

Posted on January 12th, 2013 at 8:42 AM EDT

Thursday saw the discovery of a new Java vulnerability (see New Java vulnerability discovered). Worse, the discovery of this vulnerability came at the same time as the discovery that it was already being actively exploited to drop malware onto vulnerable Windows machines. Macs were undoubtedly soon to follow, since several prominent cross-platform “crime kits,” such as Blackhole, are known to have started using this vulnerability. Fortunately, less than 24 hours after this news broke, both Apple and Mozilla (creators of the Firefox web browser) had acted to protect users of their products against this threat.

A look back at 12 years of Mac malware

Posted on January 1st, 2013 at 10:32 PM EDT

It has been 12 years since the advent of Mac OS X. There had been some malware for older Mac systems before that point, but none of those worked on Mac OS X. This “reset the clock” on the Mac with respect to malware. Further, the new Unix base of Mac OS X promised greater security than older versions of the Mac OS. So how has that promise stacked up at this point?