
Has GetShell been trojanized?

Posted on March 11th, 2013 at 7:44 PM EDT

An interesting file was posted to VirusTotal today: a Mac disk image file containing what appeared to be a copy of Adium. This file was recognized by a small handful of anti-virus engines as the GetShell malware, however. This surprised me a bit, as GetShell had previously (as far as I know) only been installed as a drive-by download through Java vulnerabilities. So I decided to do a little investigation.


New variant of GetShell includes Intel code

Posted on July 13th, 2012 at 4:29 PM EDT

Intego has reported finding a new variant of GetShell for Mac OS X that, unlike the first variant, can run natively on modern Macs with Intel processors. This means that users of Lion (and, presumably, Mountain Lion when it becomes available) are no longer completely safe from this malware.

New Mac malware GetShell discovered

Posted on July 10th, 2012 at 10:07 PM EDT

F-Secure has discovered new malware that is capable of installing via drive-by download on Mac, Windows and Linux systems. This is accomplished through a Java applet that requests access to your system, and if granted, it then detects the OS being used and installs the malware that is appropriate for that system.