malware

Do NOT Install MacKeeper

        Here's an important notice from John Carter:  "It was just brought to my attention by Betsy Barnes that MacKeeper is one of the apps that you do not want to install on your Mac.

        "The reasons are various. It has been described as highly invasive malware, but this is probably because it pops up in your face every time you drag an application to the trash (the preferred method is to use AppCleaner to delete an application), and then often after dragging anything to the trash. 
        "Malware is anything that is hostile, intrusive, or annoying. So if being reminded that MacKeeper can clean up your computer is annoying, then MacKeeper is malware. By this logic, Apple's Notification Center can be annoying and therefore it is malware.
        "MacKeeper does this as a way of 'helping' you keep your computer running lean and fast. Does it really? 
        "A simple query in Safari returns dozens of complaints about MacKeeper. For one user who bought a MacBook Pro and then installed MacKeeper, he started having freezes and crashes. A scan of the logs clearly showed MacKeeper as involved in every crash and freeze (See the full report here.)
        "Additionally, one user has attempted to get a refund and is still waiting for it after being told three times he will get it."
        John concludes, "For what it's worth, I am no longer even suggesting that MacKeeper be used on a Mac. Use AppCleaner to remove apps and the rest can be trusted to just dumping it into the Trash."
        For further reading, see this article on "Do not install MacKeeper."

More on Malware

        "Here's an article on yet another way malware is attempting to infect our computers," says Jim Hamm.  And that gets our attention.
        "The original article was in French, and Google was used to translate it to English. And here is an article from F-Secure Lab (also originally in French) providing further details.

        "I haven't read of any alerts here in the U.S. about this specific malware, so this is just for info and something to be aware of."

Is Your Router Vulnerable?

        With his thoughtful suggestion, Jim Hamm forwards an interesting site.  He starts off, "Here is a description and test to see whether your router may be vulnerable to a UPnP discovery request. I ran the test, and our router is not vulnerable."

        Jim then comments, "In the real world, I don't know how serious this threat may or may not be. I don't recall reading anything about it, and don't really know anything about this vulnerability. So, proceed accordingly."
        Hmmm.  Let's look at this company and their blog to learn more.  Here's a photo of them,  http://www.rapid7.com/company/  and you'll learn more when you scan their Security Street blog: https://community.rapid7.com/community/infosec/blog 
       And this is the latest addition from Jim, "Here is more information on the Universal Plug and Play (UPnP) vulnerability issue. Although this article came out a while back, I guess reading it now is better late than never." 

Malware Info We Need to Know

        Ward Stanke, our PMUG Ambassador, sends important info on Mac malware:  "I saw this post to the Apple Users Group Mailing List from Randy Singer (co-author of The Macintosh Bible, 4th, 5th and 6th editions)."

        Randy said (this is a direct quote): "If Mac users want to have all of their questions about Macintosh malware answered authoritatively, I recommend that you have a look at this Web site created and maintained by Thomas Reed:  http://www.reedcorner.net/mmg/
        "I trust Thomas Reed and what he has to say because he isn't biased, in that he isn't trying to sell anti-virus software as most malware reporting sites are, and he isn't a Windows user inappropriately extrapolating from that platform when speaking about the Macintosh.
        "There is a companion comprehensive list of all of the malware which exists for Mac OS X, which is kept meticulously updated, here: http://www.reedcorner.net/mmg-catalog/  On the far left of this list each piece of malware is rated for its 'threat level.'"  
        A quote from Thomas' site:  "However, it is important to keep in mind that Mac OS X already does an admirable job of protecting against malware. At this time, there is no known malware capable of infecting a Mac running a properly-updated version of Mac OS X 10.6 or later, with all security settings left at the default (at a minimum)."

Malware Prevention: Mac & PC

        Making us aware of the latest precautions for malware prevention, Jim Hamm sends this:  "Click here. This newsletter is oriented to PCs, but the information contained in this article is relevant to Macs as well."  The writer speaks about a February security conference, and goes into some detailed explanations and tips.  Social-engineering threats are rapidly growing.  He declares that the number one delivery method of a hack is a ZIP file.  He also relates his conversation with a hacker.  
        Thanks, Jim. This looks like an article we all need to read and heed.  We might do our PC friends a favor by sending this info on to them right away. 

Bing and Botnets (What?)

        "Here's an interesting article on how automated botnets are searching Microsoft's Bing to find a weakness, or something they can harvest for nefarious purposes," begins Jim Hamm.  
        He explains, "Google, for example, has a 20-person team fighting this type of search all the time. The hackers are always looking for a weakness in a website, a bank's or retail database, or your computer, to try and steal something. 
           "It's no wonder sites and computers get hacked — the search by hackers is relentless," is Jim's final comment. 
        So now we've learned about Bing and Botnets.  See, we do need to keep up!  

Watch Out for This Email

        David Passell alerts us to another scam now making the rounds in our area.  It involves an email complete with phony tracking number informing you that there was a package delivery error. It purports to come from one of these delivery companies:   UPS, FedEx, DHL, or USPS.  In the phony email you'll be instructed to open an attachment and print out a correct delivery label that you're supposed to take to the nearest (UPS, FedEx, DHL, or  USPS) office.
        Open the attachment, however, and you'll open your computer to malware and virus attacks. Delete the phony email.  The FedEx website posts this information.
     

Watch Those Emails!

        Jim Hamm sends this latest:  "You probably are already cognizant about this subject, but here's an article about protecting your computer against Java malware. I had disabled Java on my Mac some time ago but hadn't done so on my PC till now, when I read this article. However Java is used on a computer, I haven't noticed missing it once it was disabled.
       "In an unrelated malware incident involving attempted "phishing", I received an email a couple of days ago that looked like it was from Amazon thanking me for my order of Bose speakers for $120. Well, I hadn't ordered any speakers and there were different links in the message that one could click -- but I didn't click any of them. What was interesting was a message to the side that said this might be a "phishing" attempt. Have no idea how/why this was in the email. Anyway, I just deleted the email and checked to ensure a charge hadn't got on our credit card for this amount. It hadn't. However, the document from Amazon sure looked real.
       "What with the proliferation of purchases online, think about all the places/websites where you have used your credit card — or at least I have. The bad guys are constantly on the prowl looking for ways to penetrate these websites — and your computer — to steal your credit card number. A life-long battle between them and us it seems," Jim comments. 

Malware Attacks PowerPC or Intel Mac with Rosetta

        Ever on the alert to help Mac users, Prez Art Gorski sends this info:  "Note that this malware cannot affect the latest version of Mac OS X. It is a PowerPC binary, which means it can only run on an old PowerPC Mac or an Intel Mac with Rosetta installed. Note also the Mac dialog box shown, which warns you not to trust this! That's why it's called social engineering, it depends on you clicking on it when you shouldn't."  Here's the article

Need Anti-virus Software? Or Not?

       Need anti-virus software?  Ward Stanke sends us some very useful information.  Read on:  Snow Leopard and Lion contain a malware blocker!  Here's an article from Macworld.  This malware blocker has been very quietly, but consistently, updated by Apple to handle the most dangerous, and the most recent, malware threats.  
        See this:   Mac Malware "Explosion" Missing In Action.
        Here's an excellent up-to-date web site about Macintosh malware....and an associated Macintosh Malware Catalog that rates the individual threat posed by each piece of malware.  Note that most of the threats listed were either rendered moot by an Apple update, or they never really worked, or they were never seen in the wild or in significant numbers.
        Mac OS X anti-virus software: More trouble than it's worth? Here's a review
       This is an article simply entitled "Wolf." It is about the press crying "wolf" for the past 7 years with regard to the "coming wave of Mac malware": Daring Fireball: Wolf!

Comparison of 5 Anti-virus Applications

        Let's hear from Prez Art Gorski, "Here's a quick review of anti-virus applications for the Mac.  I won't be installing any of these myself, but if you're worried about malware and don't mind the overhead of running this kind of software, give one of the free ones a try."
        Read about these 5 apps; two are FREE, and the others run from $39.95 to $49.95 a year.
        This is just in from Bobbie Pastor about Sophos, "This is a free download for your Mac.  John Carter considers this a good product."  See it here.

Why Macs Are Subject to Malware Attacks

        "Now here's an interesting theory about why Macs are increasingly subject to malware attacks: because anti-virus programs for the Windows platform are getting better and better. Huh? Read on. Low market share for OS X was, I feel, certainly a factor, in the past, for few malware attacks. Why waste a bunch of hacking effort on small potatoes? But it's interesting to read this guy's theory on another reason."  Thanks to Jim Hamm for sending along this info.

More on Flashback

        "The Flashback virus is real," emphasizes John Carter.  He elaborates on the issue, "There is a Java update available from Apple to fix the problem.
        "As a result of doing the latest Java update from Apple, I no longer have Java working on my iMac. However, the update works on the Mac Mini and the MacBook Air.
        "I discovered this on my iMac by invoking the following command in Terminal:  java
        "The result was:    Unable to locate a Java Runtime to invoke
        "I went online and discovered that many people complained of the same thing.  It seems that installing the older version of Java fixes the problem, but then you leave yourself open to the Flashback virus."
        John continues, "I attempted to install the older version from a download from Apple, but the package detected the newer version and would not install. I guess you can only install the older version from the installation DVD.
        "At this point, since I am not doing any Java development I am not overly concerned about this 'bug' and I haven’t seen any problems with websites I’ve visited. Google Chrome has its own Java built into the browser and is the preferred browser now for surfing the web because it is immune to the Flashback virus.
        "Within the next week, Apple should be doing something about the problem caused by the update and put out a new update."

Summarizing the Malware Attempts

        "Here is an excellent article summarizing the current state of affairs regarding the Flashback Trojan."  Jim Hamm goes on to comment,  "As the use of Macs becomes more widespread in the computer world, I suspect, unfortunately, there may be more malware attempts in the future on the Mac.   One big concern I have is why Apple is so slow to respond to threats like this, as the article points out?"
        The article does state that "Apple has been introducing a series of technologies—tools like Address Space Layout Randomization (ASLR), sandboxing, and DEP—to reduce the chances of exploitation even when a Mac is vulnerable and to limit the potential damage of an attack. But these technologies aren’t perfect, especially when complex programs that run Web content like Java or Adobe Flash are involved.
        "Gatekeeper will significantly change the game for manually installed Trojans when it’s released later this year; it will make that form of attack much less profitable (and thus less likely)."

Keep Up to Date on Malware Info

        Here's an article from Macworld describing malware that can infect a Mac.  Jim Hamm writes, "To be safe, I disabled Java in Safari preferences.  If one should need Java occasionally for, say, a bank site, just enable it for that site."
        Today, 4-5,  David Passell sends along this link to the BBC claiming that more than half a million Apple computers have been infected with Flashback Trojan.
        If you do a search on Apple Discussions watch for the date to see if it's current information.  Here's one link about it.
       Now,  an article on how it works, how to detect it, and how to remove it.
        Today, 4-6, Jim Hamm writes that he's used the trojan-check from Mac2School's Ruth Davis.  She spoke to PMUG awhile back.  You can email her here for the very important virus information.

Smart Phone Vulnerability

        Smart phones are vulnerable to malware, as they're becoming (or already are) more like computers than phones.  Helping keep us informed of problems, Jim Hamm sends us several links.  He points out there are a couple of apps for the iPhone: AntiVirus Lite and Virus Barrier.  Jim says at this point he hasn't researched either to see if they would be worthwhile to run.
        Here's an article from Gizmodo discussing the VirusBarrier.  An article from the New York Times (1-25-12) by writer Kate Murphy claims that an engineer at the Georgia Tech Research Institute can hack into your cellphone just by dialing the number.  He can remotely listen to your calls, read your text messages, snap pictures with your phone's camera and track your movements around town -- not to mention, access the password to your online bank account.  The engineer told her it was trivial to hack into a cellphone and that the instructions on how to do it are available online.
        Keep up with this sensitive topic.  We'll be hearing more . . .

Bogus Flash Installer & Other Warnings

        The eagle eyes of Jim Hamm have found some valuable info on how to avoid malware.  He sends this Macworld article which describes the problem of a bogus Flash installer and gives a solution, along with a list of similar articles.  One point is to make Safari safer by going to Safari > Preferences > General and unchecking where it says "Open 'Safe' files after downloading."  This second article tells about safe downloading.

iOS Malware

"I just ran across this article about mobile malware attacks and according to their assessment, iOS (the operating system for iPhone and the other Apple mobile stuff) hasn't had a significant new malware attack," Allen Laudenslager reports. He goes on, "A lot of people have claimed over the years that Apple computers have not been attacked simply because they don't sell enough to make it worthwhile for the people writing viruses and malware to bother. Seems that even with the huge share of phones and internet-linked iPods out there the hackers are still not bothering to create attacks. Could that be because it's so much harder to attack the Apple operating systems than to attack Windows?"