02/10, 7:40pm
Android malware, RootSmart, infecting phones
A new piece of Android malware is afflicting thousands of users. North Carolina State University professor Xuxian Jiang, who documented the nature and behavior of RootSmart last week, believes that between 10,000 to 30,000 user devices are connecting to a botnet without their knowledge everyday. Most of the affected users thus far are located in China and have installed the GingerBreak root access tool for Android 2.3 (Gingerbread).
more
01/19, 1:40am
More than before, but not consummate with growth
The Mac platform saw a modest increase in malware outbreaks in 2011 over years past, but still "a small fraction" when compared to Windows, said security firm F-Secure. It added that while malware attacks were increasing, the rate of increase was not commensurate with the growth of the platform, suggesting that most exploits tend to come from programs rather than flaws in the OS itself. In all, the company identified 58 separate threats in 2011, most stemming from a handful of vulnerabilities.
more
10/31, 9:05pm
Steals GPU time, tries to capture passwords, more
Anti-malware makers Sophos and Intego have warned of a new Mac OS X Trojan Horse that hides inside pirated software, specifically GraphicConverter v7.4. The malware, known as OSX/Miner-D or "DevilRobber," steals GPU time to generate counterfeit Bitcoins (part of anonymous digital cash system) and also attempts to steal usernames and passwords through periodic screen captures. It also sends information about the Mac's security setup and browsing history to a remote server.
more
05/31, 9:35pm
Malware spotted in 20 titles in Android Market
Several months after Google pulled a long list of titles from the Android Market to help protect users against Malware, the platform has reportedly been targeted by a fresh scam. Security software company NetQin claims to have found malware contained in over 20 Android apps, causing devices to auto-dial phone numbers or send text messages that lead to unwanted fees.
more
04/26, 6:30pm
Introduces Plus version, more frequent updates
Intego today updated its free VirusBarrier Express anti-malware program to version 1.1, improving and simplifying the program's malware definition update system. The company will now update malware definitions at least once a month, and without charge (a change from the previous system) and will now limit itself to Mac malware definitions (another change). The company also introduced a new product, VirusBarrier Plus, also sold exclusively through the Mac App Store, that guards against both Mac and Windows malware so that Mac users don't pass on Windows viruses or malware (which won't affect the Mac) on to Windows-using friends accidentally.
more
03/02, 5:40am
Current model leaves users vulnerable
Google has taken steps to address the rising malware problem that threatens to plague the platform. According to a report
from Mashable, Google has pulled 21 apps from the Android Market that have been identified as being aimed at gaining root access to a user’s personal data. While proponents for Google’s platform often deride Apple’s iOS platform for being “closed” and for Apple’s App Store approval process, Google’s stance has seemingly left its users vulnerable to serious security threats.
more
11/19, 7:20pm
Java exploits seen as a growing threat
Anti-virus software maker Sophos -- who recently introduced a free Mac Home Edition of their anti-malware program -- have gathered the statistics generated by their 150,000-strong Mac user base to compile a snapshot report on threats facing the platform. While the results tacitly admit the lack of actual Mac viruses and the low incidence of other Mac-specific malware, the company says the risk of Mac-specific or platform-independent non-virus malware -- and the need for detection software -- is growing.
more
11/04, 3:10am
Collects user info; removal tool available
The SecureMac team along with ESet Security have identified a new variant of the trojan horse malware they call "Boonana" (Intego and other firms refer to it as a form of the Windows trojan "Koobface," for reasons SecureMac disputes) that uses even crueler trickery in an attempt to convince users to install it. In addition, the companies has identified new servers actively collecting keylogged data such as user names and passwords. Though easy to prevent infection or remove if infected, the refined setup and misleading nature may fool novice users.
more
10/14, 8:05pm
Features new interface, rules editor
Intelus, makers of MacVide, have updated their network firewall application ProteMac NetMine to v2, bringing with it an all-new interface and new firewall rules editor as well as real-time connection requests. The two-way firewall protects Macs from malicious attacks or software from both internal and external network sources, providing protection from hackers, keyloggers, malware and unauthorized program use.
more
04/16, 1:15pm
Malware can set up its own server on infected Mac
Intego has sent out an alert to a new form of Mac malware called HellRTS. It is a low risk backdoor code allowing remote users to take control of a computer. The RealBasic-built, universal code can set up its own server on an infected Mac, configure a server port and password. It duplicates itself, using the names of Mac applications, adding the new applications to a user's login items, ensuring that it starts up at login. It sends e-mail via its own mail server, contacting a remote server to give access to an infected Mac.
more
11/18, 6:55pm
Flash blocking improved with new features
The Camino Project has released an update to its self-titled browser for Mac OS X. Version 2.0 adds a tab overview feature that allows users to quickly browse all open tabs in a layout preview. Tabbed browsing has also been improved with drag-and-drop rearranging, a scrollable bar, and a dedicated menu listing all of the open tabs.
more
08/25, 9:15pm
Snow Leopard antivirus
The upcoming Snow Leopard update reportedly contains new anti-malware functionality, according to the Mac security company Intego. A number of beta testers have noticed a new warning screen that alerts users to malicious code. A leaked screenshot shows an alert dialog for an RSPlug Trojan contained in a disk image downloaded through Safari.
more
08/11, 3:25pm
Mac Trojan spotted
TrendMicro has spotted another Domain Naming System (DNS) Trojan targeting Mac systems. The malware, known as OSX/Jahlav-D, masquerades as a MacCinema Installer. Users are prompted to update QuickTime Player by downloading a QuickTimeUpdate.dmg file.
more
06/11, 12:05pm
New Mac malware circulates
A new piece of Mac-targeted malware has entered the wild, say security researchers with ParetoLogic. Dubbed OSX/Jahlav-C, the software is currently associated with a website called PornTube, and is described as a Trojan concealing itself as an ActiveX object needed to run video. The approach is somewhat unusual in that ActiveX is uniquely associated with Windows, and therefore less likely to deceive a Mac user.
more
06/10, 12:40pm
Apple security attitude
Apple has changed its attitude towards viruses and malware on the Mac, claims security firm Intego. Apple last year issued an advice statement admitting that "since no system can be 100 percent immune from every threat, antivirus software may offer additional protection." In announcing more features of Mac OS X Snow Leopard, Intego notes that Apple has taken a more stringent approach, for instance implementing code changes like sandboxing, library randomization and execute disables; each limits the potential damage of an outside threat.
more
04/17, 9:40am
Mac-based botnet active
The first known botnet to exploit Mac OS X has been activated, security researchers claim. The network is believed to have been put in place by iServices, a Trojan infection accompanying some pirated versions of iWork '09 and Photoshop CS4. Although downloaded at least 20,000 times by the end of January, the Trojan's payload has remained dormant for some time, in the same manner as many Windows botnets.
more
03/31, 11:40am
Conficker no Mac threat
Mac owners are unlikely to be affected by the Conficker worm, claims security firm Intego. The worm -- also known as Downadup and Kido -- has already infected a number of Windows computers, and is expected to become active on Wednesday. Though the exact behavior it will exhibit is unknown, researchers are said to believe that it will connect to remote servers to download code, and then become malicious.
more
01/26, 10:50am
Mac trojan hits Photoshop
A second Mac trojan is being spread through pirated software, Intego warns. Following the discovery of a trojan linked with copies of iWork '09, the security firm says it has now found a variant, attached to pirated versions of Photoshop CS4. OSX.Trojan.iServices.B also grants a remote user root access; the new trojan is associated with the crack application however, and is spawned under a different name whenever the crack is run.
more
01/22, 10:35am
Trojan linked with iWork
A new Trojan attack has been linked with illegal copies of iWork '09, says Intego. The security firm notes that in some copies of iWork found on BitTorrent sites -- and other pirating venues -- a Trojan dubbed OSX.Trojan.iServices.A is attached, masquerading in the form of a package file called iWorkServices. When the iWork installer is launched, iWorkServices is launched as well; while this may be halted by a request for an administrator password, Intego warns that Mac OS X 10.5.1 and earlier will install the Trojan without further prompting.
more
12/10, 4:40pm
First Look: iAntiVirus
Many Mac anti-virus programs waste their time scanning for Windows contaminants. While this may be fine if you need to share files with Windows users, you may not want a program that gobbles up excess memory and processing time just to protect against malware that can never even hurt your own hardware. If you’d rather have an anti-virus app that focuses solely on keeping Macs virus-free, one option is PC Tool’s iAntiVirus.
more
12/03, 9:40am
RSPlug.E Trojan manifests
A third variant of the RSPlug Trojan has appeared online, says security firm Intego. Following in the wake of the RSPlug.D version, Intego notes that another mutant copy called RSPlug.E has appeared. The new Trojan is said to be very similar in scope to D, being mainly found on dubious pornography sites, and equipped with a downloader that installs files from a remote server.
more
11/24, 9:30am
OSX.Lamzev.A malware
A second piece of Trojan-like malware is currently threatening Macs, say security vendors. OSX.Lamzev.A, also known as OSX.TrojanKit.Malez, allows hackers to install a backdoor on a victim's computer and thereby assume control of it. The software is said not to be a true Trojan, however, as an attacker must already have access to the target Mac to make use of the code.
more
11/18, 11:20am
RSPlug.D Trojan hits Macs
A new version of an existing Trojan poses a significant threat to Mac users, claims the Intego security firm. Based on RS.Plug.A, the RSPlug.D Trojan is said to find its way onto computers through malicious websites, namely several less scrupulous porn sites. On visiting a particular page a person will be greeted with a "Video ActiveX Object Error," stating that their browser cannot play a particular video; it then asks people to download the ActiveX object in question.
more
10/17, 1:15pm
Fake Mac security tool
Mac users should be on guard against a fake Mac security tool being distributed online, says the Intego security firm. The program, called MacGuard, claims to scan a computer for "adware, spyware and trojans," and then eliminate them; in reality the app is actually a version of existing Windows malware, which has already infected as many as 30 million people worldwide. The latter assumes control of a person's computer, and displays messages warning about a false infection in an attempt to get users to pay money.
more
07/29, 2:35pm
RealPlayer exploit fix
RealNetworks is urging Mac users to upgrade to version 11.0 of its RealPlayer application, due to a potential security exploit. The malware research site Secunia rates the problem as "highly critical," with potential risk of malicious system access and exposure of sensitive information. The vulnerability affects Realplayer v10 and v10.1 for Mac OS X. The company did not issue a patch, but is instead urging users to upgrade to RealPlayer 11.0. The company says there is a problem with Realplayer's ActiveX import method buffer overflow.
more
07/22, 12:05am
PC Tools iAntiVirus
Anyone who has used a Windows PC knows that you absolutely must have an anti-virus program or else your computer will likely crash the moment you connect to the Internet. Fortunately, the Mac has remained largely untouched by the variety of malware (viruses, worms, Trojan Horses, and spyware) that plagues PCs. However, with the growing popularity of the Mac, it’s inevitable that more people will start writing malware for the Mac. Although you don’t need an anti-virus program for the Mac just yet, you might feel safer knowing that a free one exists called PC Tools iAntiVirus.
more
06/28, 2:25pm
IAntiVirus Beta released
Security software developer PC Tools has just released a beta of iAntiVirus, its first security software for the Mac. The company says iAntiVirus uses less memory and system resources than similar security applications because it ignores Windows viruses and only removes malware intended for the Mac. “Let’s face it, malware is (now) a business,” said Michael Greene, PC Tools Vice President of Product Strategy. He says rapid growth in Mac market share has made the platform a profitable target for organized identity theft.
more
06/17, 1:20pm
Firefox 3
Though servers offering the software are currently buckling and inaccessible to many users, Firefox 3.0 on Tuesday has made its debut with the Mozilla organization looking to set a record for browser downloads. The major new release of the open source Web browser is available today in approximately 50 languages, and is purportedly three times faster than its predecessor, offering "15,000 improvements" including a smart location bar and malware protection. The new Firefox 3 smart location bar, dubbed "Awesome Bar" by Mozilla, adapts to user entries over time. The Firefox 3 Library archives browsing history, bookmarks, and tags, where they can be searched and organized.
more
