Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...

A security researcher has revealed details of a new piece of undetectable malware targeting Apple's Mac computers—reportedly first macOS malware of 2018.

Dubbed OSX/MaMi, an unsigned Mach-O 64-bit executable, the malware is somewhat similar to DNSChanger malware that infected millions of computers across the world in 2012.

DNSChanger malware typically changes DNS server settings on infected computers, allowing attackers to route internet traffic through malicious servers and intercept sensitive information.

First appeared on the Malwarebytes forum, a user posted a query regarding unknown malware that infected his friend's computer that silently changed DNS settings on infected macOS to 82.163.143.135 and 82.163.142.137 addresses.

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

Mac malware is on the rise, shows the analysis of Mac attacks by F-Secure Labs. Most are spyware, but also targeted attacks and ransomware.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

Quoi de mieux pour piéger l'utilisateur de se faire passer pour une source légitime ? Des pirates ont ainsi réussi à s'introduire dans les serveurs de l'éditeur d'Handbrake et ont remplacé le logiciel d'encodage vidéo par une version piégée. Du coup, entre le 2 et le 6 mai dernier, si vous avez téléchargé (ou mis à jour) l'application vous avez toutes les chances (une chance sur deux pour être précis) d'avoir obtenu une version corrompue avec un joli malware en cadeau (OSX.PROTON).

Afin de vérifier si son Mac est infecté, il suffit d’ouvrir le Moniteur d’activité (localisé dans le dossier 'Utilitaires' d’Applications) et de regarder si le processus 'activity_agent' est en cours d’exécution. Si tel est le cas, cela veut dire que le malware est actif sur la machine.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=HandBrake

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

A malware research team has discovered a new piece of Mac malware that reportedly affects all versions of MacOS and is signed with a valid developer certificate authenticated by Apple (via The Hacker News).

The malware has been dubbed "DOK" and is being disseminated through an email phishing campaign which researchers at CheckPoint say is specifically targeting macOS users, making it the first of its kind.

The malware works by gaining administration privileges in order to install a new root certificate on the user's system. This enables it to gain access to all communications between the host Mac and the internet, including traffic flowing through connections encrypted with SSL.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

The latest example of Mac ransomware, OSX/Filecoder.E, has been discovered by ESET after it was distributed via BitTorrent distribution sites

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

For a long time, one of the most common reasons for buying an Apple computer over a Windows-based one was that the former was less susceptible to viruses and other malware. However, the perceived invulnerability of Macs to all manner of computer nasties may not have any grounding in reality – or at least, not anymore.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

The volume of malware targeting Macs is growing fast as shown by the data from our Labs. Attackers are shifting their efforts towards Macs.

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

Macs are becoming an increasingly big target for malware authors, and a new report has pointed to a massive increase this year in the likes of viruses aimed at Apple’s machines (which were once regarded as relative safe havens in comparison to Windows PCs).

The findings from Malwarebytes show that as of July 2017, there has been a huge leap of 230% in Mac malware compared to the previous year.

Some categories of malicious software are increasing at an even faster rate than this, namely adware and potentially unwanted programs (PUPs) according to the security firm, although it didn’t clarify any percentage rates in these cases.

Malwarebytes also observed that the Mac App Store is currently awash with a ‘tidal wave’ of scam software.

As Betanews reports, the authors of the study looked to the future, predicting that: “In 2018, Mac malware will increase but PUPs will see the largest growth. These are not very well policed and are free to proliferate unchecked.

“Mac users are already experiencing some of this now, with an explosion of fake anti-virus apps in the Mac App Store. These are not well controlled by Apple and not commonly known of even within the security community.”

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

A mirror download server for the popular tool HandBrake video file-transcoding app has been compromised by hackers, who replaced its Mac edition with malware.
The first most Mac users will know about the security incident will be when they visit the app’s website, at https://handbrake.fr, and see a link to a “Security Alert”:

Anyone who has downloaded HandBrake on Mac between [02/May/2017 14:30 UTC] and [06/May/2017 11:00 UTC] needs to verify the SHA1 / 256 sum of the file before running it.

Anyone who has installed HandBrake for Mac needs to verify their system is not infected with a Trojan. You have 50/50 chance if you’ve downloaded HandBrake during this period.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=HandBrake

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

In the big picture, which operating systems attract more malware is beside the point. Windows may be targeted more often, but if you’re the Mac user who gets victimized by tainted code, the tally doesn’t matter. For Mac users, the important thing is to raise awareness of the threats they face and explain what they can do about it.

Below is a look at the Mac malware SophosLabs has intercepted, analyzed and protected customers against, followed by recent issues Naked Security has written about. From there, we look at some tips to ensure better protection.

View from the lab

Mac malware has been studied at length by SophosLabs, and in a 2017 malware forecast released last month, it warned that more threats are coming, including several varieties of ransomware.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security