And most importantly... how do we protect our Macs?
By not being stupid and paying attention to what you are clicking on. As with all malware, YOU the user must do something to get infected. It doesn’t happen without YOUR input. It’s not magic, it’s not a virus, it’s trickery. When you get a pop-up saying you need to update Flash, IGNORE it! When an offer is too good to be true, IGNORE it!
Good to see you have such a realistic view of malware no matter the OS, and where the primary problem exists: PEBKAC. Seriously.
For those of you unfamiliar with MacKeeper (or feigning ignorance), it is a highly controversial piece of software that many claim to be malware, scareware, or crapware. Its owners tout that it is useful and it has a very aggressive marketing campaign. Once installed it is difficult to remove (by Mac standards). It has also been linked to pervasive pop-ups in browsers.
If you do a search on MacKeeper, it indicates that the most popular searches point to a lot of unhappy people:
Searches related to mackeeper
uninstall mackeeper
mackeeper review
mackeeper virus
mackeeper reviews 2016
mackeeper download
is mackeeper safe
mackeeper uninstall 2016
IDG sure gets a lot of requests and articles related to it:
As with the majority of malware, it is installed by fooling the user into clicking on something to initiate the install. You have to worry about the new malware on Windows coming to other platforms, the type that uses zero-day exploits to inject itself into the OS without user interaction, normally through Flash adverts etc. These newer infections are 'fileless', sitting in memory before executing PowerShell commands which then encrypt file systems etc.
This affects pretty much every CPU being built from ARM to Intel to AMD.
"Given how crucial caching is to the performance of modern CPUs, the researchers say architectural fixes are likely to be too costly to be feasible. And even if hardware mitigations are possible—say, by creating a separate cache for page tables—the researchers warn that the vulnerability may resurface in software. They conclude their findings with a recommendation that's sure to get the attention of software developers everywhere:
"We hence recommend ASLR to no longer be trusted as a first line of defense against memory error attacks and for future defenses not to rely on it as a pivotal building block."
A couple of days ago, I got an eMail informing me that I had just purchased an album - "D.U.C." - on iTunes... And that, if I hadn't, I should "follow this link to cancel this purchase". It was such transparent phishing - even the graphics and punctuation were inept and inaccurate - that I wondered how anyone could be fooled, or how anyone could fail to go directly to their account on iTunes to see if the purchase was even there. As I was reading this, I was wondering whether to suggest that phish might have been related. But on second thought, this was so clumsy, compared to the attack the article describes, it's hard to relate the two.
And who's to say there isn't some cardinal malware that has been able to access everything on all of our electronics for years that has not yet been discovered?
There is. It has been hiding in plain sight. It's called the Apple Ecosystem!!
Doesn't really make sense since Apple doesn't try to access all your stuff. Try the joke with Google, maybe?
Ditto the above comments. The article fails to answer two critical questions: How is it being spread? How do we find out if we're infected?
But does not fail to jump into that political propaganda and guesses with: "Last year, the group allegedly hacked the Democratic National Committee and leaked emails through WikiLeaks during the 2016 presidential election."
Which is far more accurate than saying "hacked the election", which is a nonsense phrase.
After years of priding itself on its "virus free" Mac OS X platform, Apple is becoming increasingly susceptible to targeted malware attacks. The shift in hacker attention from Windows to Apple products is likely due to the success of iOS, an operating system used by a huge percentage of smartphone users worldwide.
The first sentence in the last paragraph bothers me.
The average person confuses malware for viruses and he/she really doesn't understand the difference. There is a big distinction in respect to vulnerability and protection. This confusion is often exploited by security companies to make money.
I find it a bit irresponsible for AI to conflate the two and feed into this confusion.
Happens all the time, and intentionally conflated by the security software purveyors. Think of all the malware scare stories about competing platforms you read here and elsewhere. Same general thing but readers here see "OOOHH VIRUS!!".
And how does it install? On a local account? Well then your local account is in danger. I never allowed a regular user account to be default or admin.... even if it was my own account.
98% chance the infection method involves the user allowing access to an installer and it isn't coming from the App store or an identified developer.
I'd agree but guess 100% chance. Malware is a misnomer, it should be called 'IdiotWare' as it takes an idiot to install it.
I've lost track of folks I know with Macs that installed so-called 'anti-virus software for Macs' while on ... cough cough ... dubious web sites. There's one born every minute!
Ditto the above comments. The article fails to answer two critical questions: How is it being spread? How do we find out if we're infected?
But does not fail to jump into that political propaganda and guesses with: "Last year, the group allegedly hacked the Democratic National Committee and leaked emails through WikiLeaks during the 2016 presidential election."
No doubt. Also, unspecified government intelligence agencies have confirmed that having bottles of vodka within a 10m radius of your devices might lead to infection. (There, now I'm qualified to join the MSM 'journalists'. Oh, and I should probably also get a commission check from the US Industrial Military Complex for cleverly working the Russian angle in there. Cold War Redux, here we come!)
https://arstechnica.com/security/2017/02/new-aslr-busting-javascript-is-about-to-make-drive-by-exploits-much-nastier/
woosh!