OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

Is downloading from the developer’s site safe?

Posted on June 29th, 2015 at 9:16 AM EST

You should only download software directly from the site of the developer who created the software. This has been a bit of standard advice given by security people like myself when trying to help people understand what to download and what not to download. It’s good advice, right? Well… mostly, but not entirely, unfortunately.
Read the rest of this entry »

34 Comments

Avast’s man in the middle

Posted on February 24th, 2015 at 12:47 PM EST

The security community is ablaze with news of Superfish being pre-installed on some Lenovo computers. The primary issue concerning experts is that Superfish replaced SSL certificates, used for ensuring secure connections on the internet, with its own certificates. It turns out that the same behavior is being exhibited by software that many people are inclined to trust: Avast’s anti-virus software!
Read the rest of this entry »

67 Comments

About the latest Avast false positive

Posted on November 8th, 2014 at 11:13 AM EST

Yesterday, I reported on an issue with Avast identifying my site’s RSS news feed as MacOS:WireLurker-A. However, that post changed over the course of the day, as further testing showed that my initial assumptions were slightly off and more facts came to light. Today, after having had some time to allow the dust to settle, I’m going to try to clarify what happened in layman’s terms.
Read the rest of this entry »

17 Comments

Avast detects RSS feed as WireLurker

Posted on November 7th, 2014 at 1:58 PM EST

It’s not easy running a site like The Safe Mac. You get threatened with lawsuits [1], attacked by the bad guys [1, 2] and misidentified as malicious by security companies [1]. Headaches galore! And now, Avast is saying that this site’s RSS feed is the WireLurker malware.
Read the rest of this entry »

16 Comments

Avast installs adware!

Posted on July 4th, 2014 at 8:40 AM EST

It would appear that Avast has joined the ranks of adware peddlers, as reader Fred Maxwell brought to my attention yesterday. Sometime around December of last year, a SafePrice option was quietly added to the avast! Online Security browser extension. This extension is available for Chrome and Firefox, but apparently not for Safari as far as I can tell.
Read the rest of this entry »

26 Comments