The Safe Mac

Follow The Safe Mac on Twitter to stay advised of the latest Mac security news!


Downlite adware blocked by Apple

Posted on November 21st, 2014 at 7:24 AM EST

Happy Mac

Macs infected with the Downlite adware have been prevented from accessing my AdwareMedic site and portions of The Safe Mac for several weeks now. (See Adware blocking AdwareMedic downloads!.) This appears to have been done in an attempt to prevent people from removing this adware from their Macs. Fortunately, this also may have led to Downlite’s demise: it is now identified as malware by Apple! Read the rest of this entry »

27 Comments


Major iOS insecurity!

Posted on November 11th, 2014 at 7:32 AM EST

e-biohazard

I don’t usually write about iOS security issues here, because, well, there aren’t any! Okay, maybe iOS isn’t really all that rosy, but it’s been pretty secure overall. Malware has existed for iOS for some time, but required jailbreaking the device (ie, hacking it to remove security and allow apps to be installed from sources other than the App Store). Unfortunately, that changed yesterday, as FireEye has announced a method they are calling the “Masque Attack” that can be used to install malware on iOS devices that have not been jailbroken. Read the rest of this entry »

3 Comments


About the latest Avast false positive

Posted on November 8th, 2014 at 11:13 AM EST

warning

Yesterday, I reported on an issue with Avast identifying my site’s RSS news feed as MacOS:WireLurker-A. However, that post changed over the course of the day, as further testing showed that my initial assumptions were slightly off and more facts came to light. Today, after having had some time to allow the dust to settle, I’m going to try to clarify what happened in layman’s terms. Read the rest of this entry »

13 Comments


Avast detects RSS feed as WireLurker

Posted on November 7th, 2014 at 1:58 PM EST

warning

It’s not easy running a site like The Safe Mac. You get threatened with lawsuits [1], attacked by the bad guys [1, 2] and misidentified as malicious by security companies [1]. Headaches galore! And now, Avast is saying that this site’s RSS feed is the WireLurker malware. Read the rest of this entry »

16 Comments


New WireLurker malware infects Mac OS X and iOS

Posted on November 6th, 2014 at 10:31 AM EST

e-biohazard

Palo Alto Networks announced yesterday their discovery of new malware for Mac OS X, which they are calling WireLurker. This malware has been distributed in 467 known pirated apps distributed in China’s Maiyadi App Store (not affiliated with Apple’s Mac App Store). To make matters worse, this malware is known to infect iOS devices that are connected to infected Macs, even if those iOS devices have not been jailbroken! Read the rest of this entry »

13 Comments


Ongoing MacKeeper fraud

Posted on November 2nd, 2014 at 11:04 AM EST

warning

Controversy about MacKeeper has been around almost as long as MacKeeper has existed. It is one of the most aggressively-marketed products in the Mac world, and there are numerous accusations that it isn’t useful or even that it is fraudulent. At the same time, you will find a number of positive reviews out there. How do you know what’s true? In this article, I will make the case that MacKeeper, and the company behind it (ZeoBIT/Kromtech), are not to be trusted. Read the rest of this entry »

61 Comments


Update on Downlite blockage

Posted on October 30th, 2014 at 9:08 AM EST

The Downlite adware is now blocking links to my previous article on Downlite. If you are infected with Downlite and are having trouble viewing that article, and thus the solutions at the end of the article, see the following document posted on Apple’s site:

https://discussions.apple.com/docs/DOC-7792

16 Comments


Adware blocking AdwareMedic downloads!

Posted on October 28th, 2014 at 6:24 AM EST

e-biohazard

Last week, I began to receive a series of reports from people that the Download button on the AdwareMedic site wasn’t working. First it was just a trickle, then a flood. For some people, the button was redirecting to the MacKeeper website. For others, it was going to a “not found” error page. I knew that the site itself wasn’t doing that, since I wrote every single piece of code on the AdwareMedic site… so what was going on? Read the rest of this entry »

60 Comments


New “Ventir” malware

Posted on October 19th, 2014 at 8:54 AM EST

e-biohazard

On Thursday of last week, Kaspersky announced their discovery of a new piece of Mac malware, which they are calling Ventir. I have held off writing anything about this until I could get some independent confirmation, as I tend to be skeptical of Kaspersky these days. (See Misinformation about “acoustical infections” and Kaspersky reveals “The Mask”.) However, I have tested my own copy of the malware at this point, and found that Kaspersky’s analysis seems to be fairly accurate in this case. Read the rest of this entry »

43 Comments


Should you worry about POODLE bites?

Posted on October 15th, 2014 at 7:38 AM EST

warning

Yesterday, Google revealed a vulnerability that one of their researchers found in SSL3, a technology used to secure many network connections, including those used by secure websites. This bug – which is being called “POODLE” – could allow for an attacker to gain access to encrypted transmissions sent between the browser and a secure site. The question many Mac users will be asking this morning is: how much should we worry? Read the rest of this entry »

17 Comments


This page and all contents (unless otherwise noted) copyright 2011-2014 by Thomas Reed.
For questions or comments, please contact me.