OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

Clipboard poisoning attacks on the Mac

Posted on June 3rd, 2016 at 7:33 AM EDT

Graham Cluley drew my attention the other day to an issue that has apparently been known to some for years, but was new to me: clipboard poisoning, an issue where a website can replace what you think is on your clipboard with something else.

Although this seems like an insignificant issue at first glance, it turns out that there are some very serious implications.

Read the full story on Malwarebytes Labs


An iCloud scam that may be worse than ransomware

Posted on March 16th, 2016 at 2:54 PM EDT

Ransomware – malicious software that encrypts your files and then demands payment to unlock them – has become a major scourge of the Windows world.

Mac users just had their first brush with such threats last week, with the appearance of the KeRanger ransomware. However, shortly before KeRanger, I encountered a ransomware event in the Mac world far worse than anything seen for Windows.

This hack seems to have turned an iMac into an expensive paperweight.

Read the full story on Malwarebytes Labs


First Mac ransomware spotted

Posted on March 7th, 2016 at 6:16 AM EDT

On Saturday, Apple quietly added detection of something called “KeRanger” to the XProtect anti-malware definitions in OS X. It was revealed on Sunday by Claud Xiao of Palo Alto Networks that KeRanger is the first real Mac ransomware, and it’s not just theoretical. It’s in the wild.

Read the full story on Malwarebytes Labs.


Was Mac OS X really the most vulnerable in 2015?

Posted on January 8th, 2016 at 12:19 PM EDT

Much has been said in the security world about the recent release of data on vulnerabilities discovered in 2015. Due to the way this data has been presented, many news outlets have been reporting that Mac OS X was the “most vulnerable” OS in 2015. But was it really?

Read the rest of the story on Malwarebytes Unpacked.


Massive MacKeeper data breach

Posted on December 17th, 2015 at 1:06 PM EDT

Kromtech, the developer of MacKeeper, has suffered a major breach that has exposed more than 13 million users’ data.

Chris Vickery, a security researcher who has uncovered a number of similar data breaches in the past, found that a Kromtech database full of sensitive data was accessible over the internet… without any login required.

Read the rest of the story on Malwarebytes Unpacked.


Beware scams in the wake of the App Store slip-up

Posted on November 13th, 2015 at 3:17 PM EDT

Mac users began to have problems opening apps downloaded from the App Store Wednesday morning. The affected apps produced messages saying that they were damaged and would need to be re-downloaded from the App Store.

It turned out that the problem was an expired cryptographic certificate at Apple, used to verify the legitimacy of these apps. Apple didn’t renew it in time, and when it expired, App Store apps failed.

Read the full story on Malwarebytes Unpacked


Has MacUpdate fallen to the adware plague?

Posted on November 2nd, 2015 at 1:17 PM EDT

It seems that MacUpdate, long considered to be one of the only remaining trustworthy download aggregation sites for the Mac, has succumbed to the same plague that has ruined most of the others: adware.

Read the full story on Malwarebytes Unpacked


Is Mac malware on the rise?

Posted on October 29th, 2015 at 3:25 PM EDT

Last week, Bit9 + Carbon Black released a paper stating that five times more malware for OS X has appeared in 2015 than during the previous five years combined.

Their findings are interesting, but are not well understood by many Mac users. Some have reacted with disbelief, others with great fear for this dangerous new future.

It turns out that the findings are completely true, but depend entirely on your definition of the word “malware.”

Read the full story on Malwarebytes Unpacked.


Bypassing Apple’s Gatekeeper

Posted on October 8th, 2015 at 5:15 PM EDT

Ever since Apple first introduced Gatekeeper, malware creators have been trying to find a way around it.

Many different pieces of malware have done so, but at the Virus Bulletin Conference in Prague, Patrick Wardle, a security researcher at Synack, presented his findings on some new and interesting ways to skirt Apple’s security.

Read the full story on Malwarebytes Unpacked.


XcodeGhost malware infiltrates App Store

Posted on September 21st, 2015 at 2:34 PM EDT

Late last week, Claud Xiao, a researcher at Palo Alto Networks, announced the discovery of new malware that he calls XcodeGhost. As the story has developed over the weekend, it turns out that this malware has infected at least 39 known iOS apps as of early this morning, all of which made it into the App Store.

Read the full story on Malwarebytes Unpacked.
