OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

How does your Mac NOT protect you?

Posted on October 25th, 2013 at 11:33 AM EDT

I spend a lot of time telling people about how their Mac protect them from malware. I have even written an entire section on the topic in my Mac Malware Guide. So it may be a bit surprising that I seem to be suddenly turning around and saying the opposite.  That’s not the case, though. The Mac still protects you just as I have said… but it’s also important to keep in mind where the holes in those defenses are. Just as a house isn’t secure if the owner is unaware that the back door is unlocked, neither is a Mac safe if the owner isn’t aware of the holes in its security.
Read the rest of this entry »

10 Comments

Invisible malware

Posted on October 15th, 2013 at 11:08 AM EDT

There has been a bit of talk in the security industry about a recent blog post by Daniel Pistelli, who reported on a technique that could be used to create what some are calling “invisible” malware. This technique does represent a bit of a problem to the anti-virus industry. However, it’s important to understand the full context of how Mac OS X protects against malware, and to recognize that this technique means very little to Mac users in the current malware climate.
Read the rest of this entry »

This post is more than 30 days old and has been locked. No further comments are allowed.

Touch ID security concerns are much ado about nothing

Posted on September 23rd, 2013 at 11:59 AM EDT

There’s been a lot of fuss about Touch ID – the fingerprint reading system in Apple’s new iPhone 5s – since its release. For that matter, the furor actually started long before release, when the fingerprint reader was nothing but a rumor. It seems like almost every security expert has been making the most of every opportunity to take a potshot at Touch ID. One would get the idea that Touch ID was going to cause the Armageddon. The reality, though, is far less scary than people would like you to believe.
Read the rest of this entry »

10 Comments

New signed malware called Janicab

Posted on July 15th, 2013 at 2:27 PM EDT

F-Secure announced the discovery today of a new trojan, which they have named Janicab. This malware makes use of a familiar old trick – disguising an application as a document to trick the user into opening it – but applies a couple newer twists. At this time, the built in defenses in Mac OS X will allow this trojan to run without much in the way of warnings, so users are advised to be on their guard.
Read the rest of this entry »

11 Comments

Proof-of-concept Mac OS X virus announced

Posted on June 4th, 2013 at 3:41 PM EDT

In 2006, a malware researcher going by the name JPanic created a proof-of-concept virus capable of infecting Windows and Linux machines called Capzloq Tekniq. JPanic has now updated this proof-of-concept, and as part of the update, it is now capable of infecting Macs.
Read the rest of this entry »

7 Comments

How to reinstall Mac OS X from scratch

Posted on April 11th, 2013 at 11:11 AM EDT

For whatever reason, you have decided that you want to reinstall the system from scratch, restoring your machine to an “out-of-the-box” state. Regardless of the reason, this is not something to be undertaken lightly. The possibility of data loss looms any time you erase your primary hard drive. Further, if you do the job wrong, whatever problem you’re trying to solve may not even be solved. Fortunately, there are some easy steps you can take to do the job right.
Read the rest of this entry »

14 Comments

What is Gatekeeper?

Posted on March 18th, 2013 at 12:57 PM EDT

With the recent news coverage of the Pintsized malware, which infected high-profile targets like Facebook, Apple and Microsoft, much has been said in passing about Gatekeeper. Specifically, a number of news reports have mentioned how Pintsized was able to get past Gatekeeper. Unfortunately, these reports have mentioned this fact without any real understanding of what it means, and this has left many Mac users concerned. Although there is an important message hidden in that information, it’s not as dire as it sounds in a news blurb. So, what exactly is Gatekeeper, and what do we need to know about it?
Read the rest of this entry »

5 Comments

Important security updates

Posted on March 15th, 2013 at 10:02 AM EDT

Apple posted a couple updates yesterday with some very important security content, and I advise updating as soon as you can. Both Mac OS X 10.8.3 and Security Update 2013-001, available for both Snow Leopard and Lion, contain a number of important security updates. However, one in particular is likely to cause the hair to stand up on the back of the neck of anyone who has been following the saga of Java’s recent descent into vulnerability perdition.
Read the rest of this entry »

25 Comments

Mysterious new malware takes down multiple companies

Posted on February 19th, 2013 at 5:47 PM EDT

This has been quite an interesting month in security news. Multiple major companies have been hacked, including Apple themselves, and there are rumors of yet another new bit of malware for the Mac. Yet all is still rather unclear. Is this all related? It’s probably too soon to say for sure, but I am guessing that it may be.
Read the rest of this entry »

9 Comments

Variant of SMSSend slips past XProtect

Posted on February 11th, 2013 at 9:47 PM EDT

This weekend, I got my hands on a variant of the SMSSend malware. What I found was very interesting, and very concerning. After examining it, it’s evident that the malware is still evolving and is still an active threat. Worst of all: it seems to be capable of slipping past the current version of the built-in anti-malware security in Mac OS X (aka, XProtect)!
Read the rest of this entry »

21 Comments