Newly discovered Mac malware slips through anti-virus programs
Apple’s MacOS is known to be one of the more secure operating systems out there. However, due to its increasing popularity and expanding user base, hackers and cybercriminals are starting to victimize iMacs and MacBooks more and more.
Macs may be safer than Windows machines (for now) but as evidenced by reports of external hacking peripherals like the PCILeech, backdoor trojans like Eleanor, webcam hijackers and even cross-platform threats like Mokes, they are certainly not completely immune from malicious software attacks.
New Mac malware hijacks your DNS
A discovery from Mac OS security blog Objective-See has revealed a new macOS DNS hijacker called OSX/Mami. Aside from doing the usual malware-y routines, like stealing your information and using your computer for generally shady stuff, OSX/Mami is still undetectable by security software.
Even worse, DNS hijackers are quite worrisome since these change your DNS address settings so the bad guys can route all your web traffic through servers of their choosing.
(Note: DNS or the Domain Name System is the way the internet converts readable names to numbers commonly referred to as a website’s IP address. DNS servers basically work as the internet’s phone books.)
By forcing your traffic through their prying eyes, they can siphon out your personal information, login credentials, passwords, redirect you to fake pages and phishing websites, and even use your computer for cryptojacking.
According to Objective See’s Patrick Warble, aside from DNS hijacking, OSX/Mami has other abilities like:
- Taking screenshots
- Generating simulated mouse events
- Perhaps persisting as a launch item
- Downloading and uploading files
- Executing commands
Although the author, the vector and the ultimate motive of the OSX/Mami malware are still unclear, Warble believes that it is being distributed through the usual channels like poisoned emails, fake security alerts and updates, or via social engineering/ phishing scams.
How can you tell if you are infected?
During its discovery, OSX/Mami was still marked as clean by all 59 anti-virus engines on VirusTotal. Hopefully, this has changed now that the word is out.
If you want to check if your Mac is infected, open System Preferences, then select Network. Click on the Advanced button and check if the DNS tab has these entries: 82.163.143.135 and 82.163.142.137. If you do, then your computer has been hijacked!
Note: Also check for the presence of the malicious cloudguard.me certificate in your System Keychain.
Objective-See warns that DNS hijackers can oftentimes install other malware or have an attacker remote control your computer without your knowledge so if you want to be totally safe, you may want to reinstall your macOS operating system. However, in most cases, removing the malicious DNS servers and deleting the malicious cloudguard.me certificate should be enough.
How to remove the malicious DNS servers:
- Open System Preferences, then select Network.
- Click on the Advanced button and check the DNS tab.
- Highlight each malicious address (82.163.143.135 and 82.163.142.137) then click the minus “-” button to remove.
How to remove the malicious certificate
- In your Launchpad (the rocket icon on your dock), go to the Other folder to select Keychain Access.
- Click on System in the Keychains sidebar, then try locating the cloudguard.me certificate. Right-click on it then select “Delete” to remove it.
Have a question about Macs? Kim has your answer! Click here to send Kim a question, she may use it and answer it on her radio show. The Kim Komando Show is broadcast on over 450 stations. Click here to find the show time in your area.
DNS system that is designed to protect you
Having a reliable and dependable DNS system is critical to your safety. If you want to further protect your systems from rogue websites and bad links, here’s Kim’s security pick. Click here to read more about the free Quad9 DNS service.
New mobile malware is straight out of a Hollywood spy movie
As technology gets updated constantly, guess what gets regular upgrades, too? Yep, malware tools. Malware makers and black hat hackers are skilled programmers themselves and they constantly tweak and improve the tools of their trade to keep up with the times.
If you receive this link, DON'T open it: Scary "text bomb" will cause your device to crash
We’re always warning you about the latest activity from cybercriminals. That’s because it’s important to know what new attacks look like and how to defend against them. Sometimes, issues that negatively impact your gadgets don’t come from cybercriminals, they can come from pranksters or friends. Unfortunately, that’s exactly what’s happening right now.
Beware of this tricky Costco scam
Cybercriminals had a banner year in 2017. Massive data breaches, DDoS and ransomware attacks dominated the headlines. No matter which type of attack the scammers use, their final goal is always the same. To steal our personal information and money. Criminals are now getting extremely devious, attempting to find new victims.
Dangerous Netflix phishing scam strikes again. Can you spot the problem with this fake email?
Online streaming services are super popular now that so many Americans are cutting the cable cord. Netflix is one of the leading services with nearly 110 million subscribers. Even if you’re not a Netflix user, you’re being targeted with a dangerous email scam that is so easy to fall for.
4 programs to protect against ransomware
Ransomware has been the number one digital threat in the world for a couple of years now. The FBI estimates that nearly $1 billion was paid by victims in 2016 alone.
Cybercriminals are not cutting down their attacks, in fact, they’re getting worse. Do you remember the WannaCry variant that infected computers across 150 countries? We can expect more attacks like that on the horizon.
Save your data while traveling with these easy setting changes
If you’re like most people, you can’t imagine your everyday life without your smartphone. Sure, you might complain that your children or grandkids always seem to be staring at a glowing-blue screen.
But you probably stare at your smartphone, too. Don’t feel guilty about that (but do be careful).
Ancestry.com suffers big data leak - 300,000 user credentials exposed
Another massive data breach is hitting users on one of the most popular genealogical and family tree tracking companies around. How did it happen and what data was leaked? There are critical steps you should take to protect yourself.
If you have satellite TV, hackers have access to your network
Imagine if every single gadget in your life was “smart.” Your self-driving car could let your house know you’re on the way home so it can adjust the thermostat and kick on the lights. Your fridge could detect that you’re out of milk and order more online before you even wake up. These are all super helpful features, but they do come with some digital risks that you need to know about.
Fake malware apps on the rise. How to spot and delete them
When it comes to app safety, we always recommend the official app stores for your mobile gadgets. But sometimes, a sneaky developer finds a way to trick these app stores into accepting fake malware apps that resemble the real thing! But how can you spot and delete them?
Hidden keylogger found on 460+ laptop models
It’s extremely important that we safeguard our privacy these days. Having sensitive information fall into the hands of cybercriminals is the last thing that we need. That’s why I’ll tell you how to detect if your laptop was one of over 460 models where keylogger was hidden.
How bad guys put malware inside your smartphone
We’re glued to our smartphones. They have become the digital portals to our entire lives, but the problem is, cybercriminals know that and are targeting smartphones more than ever! They can easily fool you into downloading mobile malware. Look out, if you’re not too careful, you can be their next victim.
Check your phone for malware and bad downloads lurking in your apps
We’re constantly warning you to not download apps from third-party stores. With stringent safety protocols, it’s more secure to get apps from the Google Play Store. Unfortunately, that isn’t 100 percent true anymore. Sometimes, you will see fake notifications trying to trick you into downloading and installing other apps.
3 easy ways to stop your gadgets from spying on you
Do you ever get the feeling that you’re being watched? It’s eerie! And if you’ve been around any of these items lately, there’s a chance that someone has been spying on you. We all know potential threats like webcams and baby monitors, but these are items you’ve been overlooking.
Don't be a victim of expected Uber phishing scams!
Have you heard about the massive data breach at Uber? They paid off hackers in a cover up after a cyberattack exposed more than 57 million customer’s data. It is far from over!
This anti-virus software's email protection service exposed users to banking malware
Cybercriminals never run out of ploys to dupe you into clicking links and attachments that you shouldn’t. But what if hackers manage to find their way around our trusted protection systems too? You won’t believe how they managed to sneak a malicious link through a service that was supposed to detect it!
Is your username and password for sale on the Black Market?
With all the high-profile data breaches and malware threats that put us at risk every day, how much of our personal information is really floating out there? Google sought to find out and the results are truly alarming. Is there anything we can do about it?
5 ways to keep your PC secure
When our PCs work normally, we sometimes take them for granted. We recklessly fill up our hard drives with data, download files, install applications and browse the web as we please. But of course, all it takes is one installation of a malicious application to ruin your PC and worse, have all your information stolen.
A hacker's toolkit, shocking what you can buy on Dark Web for a few bucks
With phishing attacks, ransomware and data breaches on the rise, it’s more difficult than ever to keep your sensitive data protected. Cybercrimes are rampant partly because criminals are more tech savvy these days. Another reason is how easy it is for anyone to pick up a hacker’s toolkit on the Dark Web. You’ll be shocked at what you can buy for so little.
If anyone ever emails you Word docs, you're a target of this nasty scam
We seem to be in a never-ending battle against cybercriminals. That’s because they’re constantly looking for loopholes and finding flaws in the latest technology, making it easy for them to deliver their scams. This attack is different; it takes advantage of an old-school exploit.