OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

PCVARK plays dirty

Posted on August 19th, 2016 at 11:58 AM EST

Recently, Jérôme Segura forwarded me a link to a fake virus scam page that seemed to be Mac-related. I began to look into it, and very quickly found myself in a deep rabbit-hole of Mac crapware, all from a major developer of Mac PUPs (potentially unwanted programs), PCVARK.

Read the full story on Malwarebytes Labs

Cross-platform malware Adwind infects Mac

Posted on July 26th, 2016 at 12:58 PM EST

A colleague referred me to an article on a piece of cross-platform malware, called Adwind RAT (short for “remote access tool”), that was going undetected.

This is often code for “this malware was written in Java,” which doesn’t necessarily mean that it actually drops a Mac payload. So I was a bit skeptical, and said so. But, hey, new malware to play with… how could I resist taking a peek?

Read the full story on Malwarebytes Labs

New Mac backdoor malware: Eleanor

Posted on July 6th, 2016 at 9:34 AM EST

A new piece of malware for Mac OS X has been discovered, according to a blog post from Bitdefender.

This malware, which Bitdefender is calling Backdoor.MAC.Eleanor, is only the second piece of true Mac malware spotted so far in 2016, the first being the KeRanger ransomware. (Of course, this is not taking the widespread and increasing plague of Mac adware into account.)

Read the full story on Malwarebytes Labs

Was Mac OS X really the most vulnerable in 2015?

Posted on January 8th, 2016 at 12:19 PM EST

Much has been said in the security world about the recent release of data on vulnerabilities discovered in 2015. Due to the way this data has been presented, many news outlets have been reporting that Mac OS X was the “most vulnerable” OS in 2015. But was it really?

Read the rest of the story on Malwarebytes Unpacked.

Multiple vulnerabilities found in Mac OS X

Posted on June 17th, 2015 at 3:30 PM EST

A group of six researchers at several universities in the US and China published a paper last weekend revealing the details of several different vulnerabilities in Mac OS X. These vulnerabilities all provide ways for a malicious app to gain access to data from another app. Frighteningly, these vulnerabilities can be exploited from a Mac App Store app, and can even allow an attacker to gain access to keychain entries!

Apple cracks down on adware

Posted on February 13th, 2015 at 7:25 AM EST

Apple has used the XProtect anti-malware protection in Mac OS X to block a few pieces of adware in the past. Yesterday, they cracked down on adware again, adding a slew of new items to XProtect’s signatures, used for identifying and blocking malicious apps. Three are updated signatures, while one is for adware never before blocked by XProtect.

New WireLurker malware infects Mac OS X and iOS

Posted on November 6th, 2014 at 10:31 AM EST

Palo Alto Networks announced yesterday their discovery of new malware for Mac OS X, which they are calling WireLurker. This malware has been found in 467 known pirated apps distributed in China’s Maiyadi App Store (not affiliated with Apple’s Mac App Store). To make matters worse, this malware is known to infect iOS devices that are connected to infected Macs, even if those iOS devices have not been jailbroken!

Critical updates for nearly all Apple devices

Posted on April 23rd, 2014 at 7:50 AM EST

Yesterday, Apple released updates for nearly all their devices. Mac OS X, iOS 7, Apple TV and Apple’s AirPort Extreme and Time Capsule base stations all received updates. All users are advised to do two things immediately: 1) back up your devices, and then 2) install all available updates.

How to uninstall software

Posted on April 7th, 2014 at 11:06 AM EST

Okay, I’ll admit that Windows has a leg up on Mac OS X in one area: uninstalling software. On Windows this is easy (in theory) for anyone to do through the control panel. Mac OS X, however, does not provide any systemwide features for software removal. As a result, there are many myths and uncertainties as to how software should be removed from a Mac.

New NetWeird variants added to XProtect

Posted on March 28th, 2014 at 9:42 PM EST

Yesterday, I wrote about some new NetWeird trojans that were not detected by XProtect. Less than 36 hours later, XProtect has been updated to version 2047, and now blocks those samples.