OFFICIAL SECURITY BLOG


Chinese networks redirecting to wpkg.org

Posted on April 28th, 2015 at 1:18 PM EDT

A couple days ago, I got an e-mail message from someone who was having trouble with being redirected to wpkg.org frequently. We fruitlessly explored a number of possibilities, including adware, hacked sites and hacked wireless routers. As more reports have surfaced over the intervening period, though, it looks like this is a problem that only people connected to networks in China are experiencing.

Implications of celebrity photo iCloud hack

Posted on September 2nd, 2014 at 9:28 AM EDT

If you haven’t seen it in the news yet, I’m sure you will soon: the hackers who obtained and published nude photos of a number of female celebrities allegedly got those photos by hacking the iCloud accounts of those celebs. It’s unclear at this time whether iCloud was actually involved or whether news media have noticed two separate stories and glued them together. In any case, though, an iCloud vulnerability was real, so how concerned do we need to be?

What to do if your Apple ID has been hacked

Posted on August 10th, 2014 at 8:51 AM EDT

Apple IDs are a popular target for hackers. This is not only because Apple devices have become so popular, but also because Apple IDs typically provide purchasing power. With an Apple ID, a hacker can purchase music and movies in the iTunes Store or apps in the iOS App Store or Mac App Store on someone else’s dime. Typical symptoms of an Apple ID hack are a sudden inability to log in or strange purchases showing up in your purchase history or on your iOS device. So what do you do if you believe your Apple ID has been hacked?

Russian iCloud hackers arrested

Posted on June 9th, 2014 at 9:03 PM EDT

A couple weeks ago, a number of iOS users in Australia and New Zealand had their devices locked with a ransom message, by hackers who had gained access to the victims’ iCloud accounts through still-unknown means. Today, Russia’s Ministry of Internal Affairs announced that two hackers had been arrested for iCloud hacking. Just as there was much bad reporting of the Aussie hack by mainstream tech press, the inaccurate reports about these arrests have already begun.

Australians getting locked out of iOS devices

Posted on May 26th, 2014 at 5:50 PM EDT

There is a rapidly growing topic on Apple’s forums right now in which Australians seem to be having their iOS devices locked remotely. The affected devices are displaying a message claiming that they have been hacked by “Oleg Pliss” and demanding that a $100 USD payment be sent to a particular PayPal account.

NBC severely overhypes Sochi hacking story

Posted on February 6th, 2014 at 5:03 PM EDT

On Tuesday night, NBC aired a segment on the nightly news warning about widespread hacking at Sochi. As the story implied, any electronic devices brought to Russia would be hacked immediately, as soon as they are connected to a network. Unfortunately, these implications reached farther than the facts support. NBC’s reporting of the story was extremely misleading.

NSA iPhone hack is uninteresting

Posted on January 1st, 2014 at 11:39 AM EDT

The story of NSA’s remote access iPhone hack, called DROPOUTJEEP, has been spreading through online news media like wildfire. There is much hand-wringing and anxiety over the NSA getting its fingers into the security of iOS. Some sources are using this as an excuse to attack the security of iOS. The evidence behind these claims is scanty, however.

Twitter hacked

Posted on February 2nd, 2013 at 9:04 AM EDT

The latest in a long string of sites to be hacked, Twitter reports that they were hacked and the account information for 250,000 users was captured. Twitter says they have reset the passwords for affected users and sent explanatory e-mail messages to all of them. However, I would not advise assuming that you are safe if you did not have your password reset. The attackers could have accessed more data than Twitter realizes. Conversely, I would not advise clicking links in any e-mail messages you receive, as they may not actually come from Twitter. This sort of situation invariably leads to phishing attempts, as other hackers try to trick users into revealing passwords. All users of Twitter should immediately change their passwords. Log in to Twitter.com, click the gear icon (in the top right corner of the page) and choose Settings from the menu that appears, then click Password on the left side of the page.
