We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

Tor Browser false positive

Posted on June 8th, 2015 at 8:07 AM EDT

A reader yesterday brought to my attention that his web browser was alerting him that The Safe Mac is trying to extract HTML5 canvas image data, with a scary-sounding warning that this could be used to identify the computer. Of course, I knew that this site does no such thing. Which left me questioning what browser was making this claim, and why?
Read the rest of this entry »


About the latest Avast false positive

Posted on November 8th, 2014 at 11:13 AM EST

Yesterday, I reported on an issue with Avast identifying my site’s RSS news feed as MacOS:WireLurker-A. However, that post changed over the course of the day, as further testing showed that my initial assumptions were slightly off and more facts came to light. Today, after having had some time to allow the dust to settle, I’m going to try to clarify what happened in layman’s terms.
Read the rest of this entry »


Avast detects RSS feed as WireLurker

Posted on November 7th, 2014 at 1:58 PM EST

It’s not easy running a site like The Safe Mac. You get threatened with lawsuits [1], attacked by the bad guys [1, 2] and misidentified as malicious by security companies [1]. Headaches galore! And now, Avast is saying that this site’s RSS feed is the WireLurker malware.
Read the rest of this entry »