We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

XcodeGhost malware infiltrates App Store

Posted on September 21st, 2015 at 2:34 PM EST

Late last week, Claud Xiao, a researcher at Palo Alto Networks, announced the discovery of new malware that he calls XcodeGhost. As the story has developed over the weekend, it turns out that this malware has infected at least 39 known iOS apps as of early this morning, all of which made it into the App Store.

Read the full story on Malwarebytes Unpacked.


OceanLotus malware attacks China

Posted on May 31st, 2015 at 8:11 AM EST

On Friday, Chinese security researchers at Qihoo 360’s SkyEye Labs released a paper describing new malware they named OceanLotus. Unfortunately, this paper is written in Chinese, and Google’s far-from-perfect translation of the page is a difficult read. It is clear, however, that there is a Mac variant of this malware.


OpinionSpy is back!

Posted on February 9th, 2015 at 8:08 PM EST

OpinionSpy first appeared in 2010, installed along with a number of screensavers made by a company named 7art, as well as a few other applications. OpinionSpy – officially called PremierOpinion by its developers – was spyware disguised as marketing software. Intego described it at the time, attributing to it the ability to capture data from the infected Mac and from the network it was connected to, along with backdoor functionality.


A look back at the malware of 2014

Posted on January 2nd, 2015 at 4:34 PM EST

As most Mac users know, Macs don’t get malware. Unfortunately, what most Mac users know on this topic is actually wrong! There actually is Mac malware out there; there’s just a lot less of it than there is for Windows. Fortunately, in 2014, new malware appearances have dropped since 2013.


New WireLurker malware infects Mac OS X and iOS

Posted on November 6th, 2014 at 10:31 AM EST

Palo Alto Networks announced yesterday their discovery of new malware for Mac OS X, which they are calling WireLurker. This malware has been distributed in 467 known pirated apps in China’s Maiyadi App Store (not affiliated with Apple’s Mac App Store). To make matters worse, this malware is known to infect iOS devices that are connected to infected Macs, even if those iOS devices have not been jailbroken!


New “Ventir” malware

Posted on October 19th, 2014 at 8:54 AM EST

On Thursday of last week, Kaspersky announced their discovery of a new piece of Mac malware, which they are calling Ventir. I have held off writing anything about this until I could get some independent confirmation, as I tend to be skeptical of Kaspersky these days. (See Misinformation about “acoustical infections” and Kaspersky reveals “The Mask”.) However, I have tested my own copy of the malware at this point, and found that Kaspersky’s analysis seems to be fairly accurate in this case.


iWorm method of infection found!

Posted on October 4th, 2014 at 7:29 AM EST

On Thursday, I wrote about new malware called iWorm. This morning I awoke to find an e-mail waiting for me in my Inbox from someone who wished to remain anonymous. This person indicated that he had found installers for the new iWorm malware. He pointed me to the downloads offered by a user named “aceprog” on PirateBay.


Dr. Web announces new “iWorm” malware

Posted on October 2nd, 2014 at 7:39 AM EST

Dr. Web announced the discovery of a new piece of Mac malware on Monday, which they are calling Mac.Backdoor.iWorm. According to their report, they believe the malware is affecting “more than 17,000 unique IP addresses.” Of course, this may not correlate well with the number of infected Macs, since most Macs do not have static IP addresses, but the number of infected Macs should at least be on the same order of magnitude.


New NetWeird variant in the wild

Posted on March 27th, 2014 at 9:10 AM EST

Since early February, I’ve seen several reports of a new variant of the NetWeird malware. In all cases, this malware was detected by Dr. Web, and was detected as Backdoor.Wirenet.2, as opposed to the earlier Wirenet.1 variant that first appeared back in 2012. It would appear that this malware is still in active development, and the news is bad on all fronts.


How to manage a hacked wireless router

Posted on March 18th, 2014 at 9:48 AM EST

There have been a lot of cases of wireless routers being hacked or infected with malware recently. With news of the malware known as the “Moon” that has been infecting a number of Linksys routers (one of the most popular brands) and a report that one gang of hackers is in control of more than 300,000 wireless routers, this is a dangerous time to manage a wireless network. So how does the average home or small business user manage their wireless routers?