dcsimg

Holes found in Mojave’s privacy protection

macOS Mojave was released on Monday, September 24, with much promise of increased privacy protections. In particular, apps are now required to get permission from users before they can access data in certain locations, such as Mail data, contacts, calendar events, Safari user data, and more. Blocking access to Safari user data would have prevented the issue brought to light earlier this month, in … [Read more...]

Mac App Store apps are stealing user data

There is a concerning trend lately in the Mac App Store. Several security researchers have independently found different apps that are collecting sensitive user data and uploading it to servers controlled by the developer. (This is referred to as exfiltrating the data.) Some of this data is actually being sent to Chinese servers, which may not be subject to the same stringent requirements around … [Read more...]

New strain of Mac malware Proton found after two years

Last week, Kaspersky reported on a new variant of the Mac malware Proton, which they have dubbed Calisto, that has been around for at least two years. Calisto is thoroughly dead at this point, but there are still potential security implications involved with these older infections. Proton was first revealed to the world back in February 2017 via an Apple security update. It was later seen in the … [Read more...]

Mac malware targets cryptomining users

Last week, a security researcher named Remco Verhoef announced the discovery of a new piece of Mac malware being distributed on cryptomining chat groups. This malware was later further analyzed by Patrick Wardle, who gave it the rather appropriate moniker OSX.Dummy. The malware was being distributed by chat users posing as admins, who posted the following shell script for users to run: cd /tmp … [Read more...]

New Mac cryptominer uses XMRig

A new Mac cryptominer was discovered this week, after affected users saw their fans whirring out of control and a process named “mshelper” gobbling up CPU time like Cookie Monster. Fortunately, this malware is not very sophisticated and is easy to remove. The malware became public knowledge in a post on Apple’s discussion forums, where the “mshelper” process was found … [Read more...]

Seven security tips for staying safe on an iPhone

iPhones have a reputation for being notoriously secure. After all, they caused quite the kerfuffle between Apple and the FBI because they are, from the FBI’s point of view, too secure! However, don’t let that lull you into a false sense of security. Using an iPhone is not an automatic guarantee of invulnerability. The good news is that there are easy things to do to avoid causing … [Read more...]

New Crossrider variant installs configuration profiles on Macs

A new variant of the Crossrider adware has been spotted that is infecting Macs in a unique way. For the most part, this variant is still quite ordinary, doing some of the same old things that we’ve been seeing for years in Mac adware. However, the use of a configuration profile introduces a unique new method for maintaining persistence. Persistence is the goal of most malware. After all, … [Read more...]

CyberByte steals Malwarebytes’ intellectual property

At Malwarebytes, we frequently examine apps for detection as Potentially Unwanted Programs (PUPs). These are programs that exhibit a wide variety of bad behaviors, but aren’t actually outright malware. Unfortunately, there are many supposed antivirus programs that fit this category. Following user reports, we began researching a piece of software named CyberByte Antivirus to determine … [Read more...]

GrayKey iPhone unlocker poses serious security concerns

Ever since the case of the San Bernadino shooter pitted Apple against the FBI over the unlocking of an iPhone, opinions have been split on providing backdoor access to the iPhone for law enforcement. Some felt that Apple was aiding and abetting a felony by refusing to create a special version of iOS with a backdoor for accessing the phone’s data. Others believed that it’s impossible to … [Read more...]

The state of Mac malware

Mac users are often told that they don’t need antivirus software, because there are no Mac viruses. However, this is not true at all, as Macs actually are affected by malware, and have been for most of their existence. Even the first well-known virus—Elk Cloner—affected Apple computers rather than MS-DOS computers. In 2018, the state of Mac malware has evolved, with more and more threats … [Read more...]