Malwarebytes Yosemite

Two serious bugs affecting Macintosh computers can leave your computer riddled with malware -- or even permanently controlled by a hacker.

On the Windows platform, Malwarebytes is the go-to solution when a pernicious malware infestation resists removal. Tech support agents from other security companies have been known to enlist help.

Malwarebytes for Mac requires macOS 10.10 (Yosemite) or higher, including macOS 10.11 (El Capitan) and macOS 10.12 (Sierra). It currently will not work on macOS 10.13 (High Sierra) betas, but that will be fixed in the Malwarebytes for Mac 3.1 release in September, prior to the release of High Sierra.

Malwarebytes Anti-Malware for Mac is a free utility that will eliminate malware and adware from your Mac quickly and efficiently. It's not the most powerful or versatile program (it's a rebranded.

In one instance, security researchers uncovered a new vulnerability that lets hackers install adware like VSearch without ever asking for your password. VSearch is nasty malware that inundates your Mac with pop-up ads and redirects you to a different search engine when you try to use Google.

The bug was made public last week by Stefan Esser, a German security researcher. But rather than contact Apple (AAPL) first (the generally accepted protocol with new bug discoveries), Esser disclosed the bug to the public on his blog.

Security company Malwarebytes said in a blog post Monday that hackers have already taken advantage of the bug Esser found, attacking Macs using the newfound vulnerability.

Esser did not respond to a request for comment.

The bug takes advantage of the way that Mac OS X 10.10 (Yosemite) decides which programs can make changes to your computer without your password. Yosemite lists those programs in a hidden file called Sudoers. But the bug allows malware to be listed in the Sudoers file as well.

That means the malware can install any file in any part of the system.
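A defender can check for the effect described above by auditing the sudoers file (normally `/etc/sudoers`) for rules that skip the password prompt. This shell function is an added example, not code from the article or from Malwarebytes; it assumes the unwanted entry takes the form of a `NOPASSWD` rule, and the names `audit_sudoers` and `sample_sudoers` and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: list sudoers rules that grant commands without a password.
# Usage: audit_sudoers FILE [FILE...]
# Prints "file:line: rule" per NOPASSWD rule; returns 1 if any were found.
audit_sudoers() {
    awk '
        # Join backslash-continued lines so a split rule is seen whole.
        # The reported line number is that of the last line of the rule.
        /\\$/ { sub(/\\$/, ""); buf = buf $0; next }
        { line = buf $0; buf = "" }
        line ~ /^[ \t]*$/ { next }
        # Skip comments, but "#" followed by a digit is a numeric uid
        # in sudoers syntax, so that line is a real rule.
        line ~ /^[ \t]*#/ && line !~ /^[ \t]*#[0-9]/ { next }
        line ~ /NOPASSWD[ \t]*:/ {
            printf "%s:%d: %s\n", FILENAME, FNR, line
            found = 1
        }
        END { exit (found ? 1 : 0) }
    ' "$@"
}

# Constructed sample input, not taken from a real system.
sample_sudoers() {
    cat <<'EOF'
# Constructed sample
root    ALL=(ALL) ALL
%admin  ALL=(ALL) ALL
# someuser ALL=(ALL) NOPASSWD: ALL
someuser ALL=(ALL) \
    NOPASSWD: ALL
#501 ALL=(ALL) NOPASSWD:/usr/bin/true
EOF
}

# With arguments, audit those files; without, run on the constructed sample.
if [ "$#" -gt 0 ]; then
    audit_sudoers "$@"
else
    sample_sudoers | audit_sudoers - || true
fi
```

Run it as root against the real file (`sudo sh audit.sh /etc/sudoers`) and compare any reported rule with the entries you or your management tooling added deliberately.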

In the hack discovered by Malwarebytes, attackers installed notorious Mac malware including VSearch, MacKeeper and Genieo. The hack also launches a pop-up window that tells the Mac's owner to install the Download Shuttle app on the Mac App Store.

The only known fix has been provided by Esser himself.

Esser noted the bug has been fixed in an upcoming patch to Yosemite as well as a beta version of OS X 10.11 (El Capitan). That's because Apple has known about the vulnerability for a while, according to Malwarebytes. A security researcher who goes by '@beist' on Twitter informed Apple of the bug long before Esser discovered it.


A spokesman for Apple did not respond to a request for comment.

Meanwhile, a second group of security researchers found a potentially more serious bug that can permanently turn over control of your Mac to a hacker.

Even the most vicious malware can typically be deleted off your computer by reinstalling your operating system. But a new vulnerability found in Macs allows attackers to install malware in the computer's firmware, which is responsible for booting up your computer and sits one level below the operating system.

Unless you know how to electrically reprogram chips, your computer is essentially toast if it gets hit with this bug.

'For most users that's really a throw-your-machine-away kind of situation,' researcher Xeno Kovah told Wired, which first reported the story. 'Most people and organizations don't have the wherewithal to physically open up their machine and electrically reprogram the chip.'

Kovah, along with researchers Trammell Hudson and Corey Kallenberg, demonstrated a preview of their findings on YouTube, which they plan to present at this week's Black Hat cybersecurity conference in Las Vegas.

The researchers said that they developed a computer worm dubbed 'Thunderstrike 2,' which can take advantage of the serious bug.


The worm can be installed just like most malware: by clicking on the wrong link or falling for a phishing scheme. Once installed, the malware gets even nastier -- it looks for devices connected to your Mac, such as a Thunderbolt Ethernet adapter, which then get loaded with the worm.

When someone else uses your infected adapter, their Macs get infected too.

This is the second firmware bug that the researchers uncovered. Apple fixed the first one recently.

CNNMoney (New York) First published August 4, 2015: 9:11 AM ET

The team over at Malwarebytes has recently discovered what they’re calling “the first Mac malware of 2017”. The Fruitfly malware has been using antiquated code to help it run undetected for quite some time on macOS systems. It has reportedly been used in targeted attacks at biomedical research institutions.

The malware, which Malwarebytes’ software detects as ‘OSX.Backdoor.Quimitchin’, contains code that dates from before OS X. Some of the code even shows signs of potentially running on Linux, leading the team to believe that a form of the malware may exist, or may have existed, on that operating system as well. The malware was discovered when an IT administrator noticed irregular outgoing network activity from a specific Mac.

Containing just two files, the malware uses a hidden script to communicate back to servers, take screenshots on both Mac and Linux, and grab the system’s uptime. The script also executes a secondary script and Java class with the ability to hide its icon from showing in the macOS Dock. Malwarebytes reports that the malware looks as though its primary intention is to grab screenshots and gain webcam access.

What’s most interesting is that the malware is using antique system calls to operate. A few of them include SGGetChannelDeviceList, SGSetChannelDevice, SGSetChannelDeviceInput, and SGStartRecord. The malware is even running libjpeg code, an open source project to read and write JPEG images last updated in 1998.

Malwarebytes did further digging into the malware and discovered it had even gone through changes to “support” Mac OS X Yosemite, indicating the malware is at least older than late 2014. The old code and the update to support Yosemite of course don’t indicate the malware’s exact creation date. By using old system calls the way it does, the malware’s developers could have purposefully made these code choices to avoid detection.

Malwarebytes indicates that Apple calls this malware Fruitfly and that an update should be released soon to resolve the issue.
