OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

HandBrake hacked to drop new variant of Proton malware

Posted on May 8th, 2017 at 1:30 PM EDT

Last year, the Transmission torrent app was hacked not just once, but twice, to install the KeRanger ransomware and, later, the Keydnap backdoor. Now, the same thing has happened to the popular DVD-ripping HandBrake app, which is installing a new variant of the Proton malware.

Read the full story on Malwarebytes Labs

This post is more than 30 days old and has been locked. No further comments are allowed.

Snake malware ported from Windows to Mac

Posted on May 5th, 2017 at 11:06 AM EDT

Snake, also known as Turla and Uroburos, is backdoor malware that has been around and infecting Windows systems since at least 2008. It is thought to be Russian governmental malware, and on Windows it is highly sophisticated. It was even seen infecting Linux systems in 2014. Now, it appears to have been ported to Mac.

Read the full story on Malwarebytes Labs


Another OSX.Dok dropper found installing new backdoor

Posted on May 1st, 2017 at 3:24 PM EDT

This morning, Adam Thomas, a Malwarebytes researcher, found a variant of the OSX.Dok dropper that behaves altogether differently and installs a completely different payload.

Read the full story on Malwarebytes Labs


New OSX.Dok malware intercepts web traffic

Posted on April 28th, 2017 at 2:15 PM EDT

Most Mac malware tends to be unsophisticated. Although it has some rather unpolished and awkward aspects, a new piece of Mac malware, dubbed OSX.Dok, breaks out of that typical mold.

Read the full story on Malwarebytes Labs


iCloud support scams

Posted on April 25th, 2017 at 3:27 PM EDT

A Malwarebytes employee has spotted a new iCloud scam attempt. Twice in one day, she received unsolicited phone calls, supposedly from Apple Support, claiming that her iCloud account had been hacked “by Russian hackers,” and asking for her account information.

Read the full story on Malwarebytes Labs


Hackers threaten to wipe Apple devices

Posted on March 23rd, 2017 at 1:08 PM EDT

According to a report from Motherboard, a group of hackers calling themselves “Turkish Crime Family” is threatening to remotely erase devices belonging to hundreds of millions of Apple customers. They will do this on April 7, they say, if Apple doesn’t pay them a ransom.

Read the full story on Malwarebytes Labs


Mac security facts and fallacies

Posted on March 9th, 2017 at 4:38 PM EDT

There are many Mac security myths circulating on forums, blogs and other places. So how can you tell if the advice you’re reading is fact or fallacy? Read on to find out!


Two new Mac backdoors discovered

Posted on March 1st, 2017 at 4:41 PM EDT

On Valentine’s Day, Mac users got a special “treat” in the form of new malware. Then, later that same week, there were signs of yet another piece of malware looming. These threats were overshadowed a bit by the discovery last week of the second ransomware app to ever appear on the Mac, but they’re still worthy of consideration.

Read the full story on Malwarebytes Labs


Decrypting after a Findzip ransomware infection

Posted on February 28th, 2017 at 11:24 AM EDT

The Findzip ransomware was discovered on February 22, 2017. At that time, it was thought that files would be irreversibly encrypted by this ransomware, with no chance of decryption. Turns out, that’s not quite true.

Read the full story on Malwarebytes Labs


New Mac ransomware on piracy sites

Posted on February 23rd, 2017 at 11:35 AM EDT

February has been a relatively busy month in the world of Mac malware, and now it has gotten busier with the appearance of the second piece of ransomware ever to affect macOS. Fortunately, this is quite poor ransomware that will only bite those who are doing something wrong in the first place. Nonetheless, it’s good enough to cause your day to go bad in a very big way if you get infected.

Read the full story on Malwarebytes Labs
