Macs impervious to Malware? Think again.

In the past, before Apple's rise at the turn of the millennium, it was quite rare for Apple's computers to be the targets of viruses, trojans, worms, and other types of malware. Such attacks were usually aimed at the Microsoft Windows platform, which was more popular at the time and less controlled than macOS.

However, with today's internet and the popularity of Apple, Macs are at greater risk of malware attacks. These attacks usually occur when accessing links or files: clicking on ad banners online, downloading software through file-sharing channels such as torrent files, and clicking on attachments in emails, even if those emails are from known sources.

A recent example of malware that infects macOS is "Searchmine.net". It targets web browsers such as Chrome, Safari and Firefox. The malware can change the browser's homepage, new tab page or default search, and take measures to prevent users from changing those settings back. This can allow the malware's designers to track users' browsing habits and target them with customized ads, or sell this information to third parties.

Unfortunately, going to the location where the application is installed and removing it will not cure the issue, as this malware is persistent. Scanning with an application like Malwarebytes, which is frequently used to detect and remove items such as this, will be fruitless as well, as Malwarebytes has difficulty detecting the application. With Malwarebytes being ineffective, the next step of researching online for other tools to remove Searchmine can reveal potential solutions. However, some of these "solutions" could actually be additional malware that causes additional problems. And they are not inexpensive to use, even if they don't have bad intentions and actually solve the problem.

For users of the Chrome browser, a recent tool developed by a product expert appears to remove the malware by running a script in the macOS Terminal application. The Terminal application is a way to run processes and navigate the Macintosh file structure through a text command line interface. This script method has been shown to work. Instructions on its use can be seen at this link. If you have questions on its use or need assistance, don't hesitate to contact us.
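To check whether Chrome's homepage, new tab page or search settings are being forced, the following is an added example; it is not the product expert's script and not code from this post. It assumes the lock is applied through Chrome's policy keys in a `com.google.Chrome` preferences plist, and the sample plist and file path in it are constructed or assumed.

```python
import plistlib
from urllib.parse import urlparse

# Chrome policy keys that can force the homepage, new tab page, startup
# pages or default search engine (names from Chrome's enterprise policy list).
WATCHED_KEYS = (
    "HomepageLocation",
    "NewTabPageLocation",
    "RestoreOnStartupURLs",
    "DefaultSearchProviderSearchURL",
    "DefaultSearchProviderNewTabURL",
)

def _hosts(value):
    """Yield the host name of every URL in a string or list-of-strings value."""
    items = value if isinstance(value, list) else [value]
    for item in items:
        if isinstance(item, str):
            # Search URLs contain {searchTerms}; urlparse still finds the host.
            host = urlparse(item if "//" in item else "//" + item).hostname
            if host:
                yield host.lower()

def forced_settings(plist_bytes, expected_hosts=()):
    """Return [(key, host)] for watched policy keys pointing at a host
    that is not in expected_hosts (or a subdomain of one)."""
    policy = plistlib.loads(plist_bytes)
    findings = []
    for key in WATCHED_KEYS:
        for host in _hosts(policy.get(key, [])):
            ok = any(host == e or host.endswith("." + e) for e in expected_hosts)
            if not ok:
                findings.append((key, host))
    return findings

# Constructed sample. On a Mac, read the plist you are inspecting instead, e.g.
# open("/Library/Managed Preferences/com.google.Chrome.plist", "rb").read() (assumed path)
SAMPLE = plistlib.dumps({
    "HomepageLocation": "https://searchmine.net/",
    "HomepageIsNewTabPage": False,
    "RestoreOnStartupURLs": ["https://www.google.com/", "http://searchmine.net"],
    "DefaultSearchProviderSearchURL": "https://www.google.com/search?q={searchTerms}",
})

if __name__ == "__main__":
    for key, host in forced_settings(SAMPLE, expected_hosts=("google.com",)):
        print(f"{key} is forced to {host}")
```

Any key it reports is a setting the browser is being told to use regardless of what is chosen in Chrome's settings page, which is worth knowing before and after running any cleanup tool.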

As for users of Safari and Firefox, the solutions don't appear to be as clear. It is best to contact us to ask questions or have us address the issue. As a general tip, do not download files from sources that are not trustworthy. Also avoid clicking on banners on sketchy websites, and beware of clicking on email attachments, especially from untrustworthy sources.

For users with recent versions of the MacOS, you can read this site on how to take some steps to protect your Mac from malware. For Safari users, this page on Apple’s site explains how to block pop-ups in Safari, and gives tips on dealing with pop-ups in general to protect the user’s system from potential infections.

IMPORTANT: Voluntary Recall/Replacement Program for certain MacBook Pro laptops

Per this notice on Apple's website, on June 20th Apple announced a voluntary recall of a limited number of older generation 15-inch MacBook Pro units which contain a battery that may overheat and pose a safety risk. The units were sold primarily between September 2015 and February 2017 and can be identified by their product serial number. The recall does not affect any other 15-inch MacBook Pro units or other Mac notebooks.

This article details that users who have MacBook Pros that were manufactured should check to see if their computer is involved. Instructions are given on how to check for this in the linked website above. This is vitally important due to the potential safety hazard involved with affected computers.

Please let us know if you have any questions or would like to discuss further.

Mail users reporting issues with Gmail after macOS update

As noted in a number of complaints across Apple-related sites, the newest update of macOS (10.14.4), which was released a few days ago, causes issues with authentication when attempting to sign into a user's Gmail account. Users report being caught in an endless loop, bouncing between macOS and Google's sign-in page in Safari.

Because of this, it is recommended not to upgrade to OS 10.14.4 if you use Gmail within your Mail application until Apple releases an update and it’s verified as a fix for the issue.

It appears this is a verified issue per discussions on the Apple Support site. Attempting to use a different browser such as Chrome does not succeed as a work-around, as the Mail application interacts directly with Safari in this process.

Apple Mail can also exhibit other intermittent issues for some users, such as not showing a message as replied-to where a user had just replied. If you are noticing any odd issues such as this, restart your Mail application.

You can read more about the Mail/Gmail 10.14.4 issue here. As always, if you need assistance, we’re here to help!

Google urges Chrome users to upgrade to latest version

Due to a security vulnerability, Google is urging users of its Chrome web browser to update to the latest version. As the article in the first link below mentions, Chrome updates are usually performed automatically.

To see the current version of Chrome on a Mac, open the Chrome menu in the top left while in the browser and choose "About Google Chrome". The second of the two links below explains how to check on a Windows-based PC.

This is another example of why it is important to keep your software up to date.

https://www.pcmag.com/news/367015/stop-what-youre-doing-and-update-google-chrome

https://www.pcmag.com/feature/364079/how-to-update-google-chrome/2

Hackers use malicious Windows file to access MacOS

Hackers are using the ".exe" file type to deliver malicious software onto macOS-powered computers. As the article linked below mentions, .exe files won't run on a Mac by default. The malicious download worked around this limitation by bundling the .exe file with a free framework known as Mono. Mono allows Windows executables to run on macOS, Android, and a variety of other operating systems.
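A Windows executable bundled inside a Mac download is something a defender can look for before opening it. The following added example (not code from this post or the linked article) walks an unpacked download or .app bundle and reports files with a valid Windows PE header, plus files named like a Mono runtime; the sample bundle and its file names are constructed, and the Mono match is a file-name heuristic only.

```python
import os
import struct
import tempfile

def is_pe(path):
    """True if the file has a DOS 'MZ' header whose e_lfanew field
    points at a 'PE\\0\\0' signature (a Windows executable or DLL)."""
    try:
        with open(path, "rb") as f:
            head = f.read(0x40)
            if len(head) < 0x40 or head[:2] != b"MZ":
                return False
            (e_lfanew,) = struct.unpack_from("<I", head, 0x3C)
            f.seek(e_lfanew)
            return f.read(4) == b"PE\0\0"
    except OSError:
        return False

def scan_tree(root):
    """Walk an unpacked download or .app bundle; return the relative paths of
    PE files and of files named like a Mono runtime, both sorted."""
    pe_files, mono_hits = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            if os.path.islink(full):
                continue
            if is_pe(full):
                pe_files.append(rel)
            elif name.lower().startswith("mono"):
                mono_hits.append(rel)  # heuristic: file name only
    return sorted(pe_files), sorted(mono_hits)

def build_sample(root):
    """Constructed stand-in for a downloaded bundle (no real malware)."""
    res = os.path.join(root, "Sample.app", "Contents", "Resources")
    os.makedirs(res)
    pe = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + b"PE\0\0"
    for name, data in (("installer.exe", pe), ("mono", b"\xcf\xfa\xed\xfe"),
                       ("notes.txt", b"MZ is not enough")):
        with open(os.path.join(res, name), "wb") as f:
            f.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(scan_tree(tmp))
```

A PE file alone is not proof of malice, since some legitimate cross-platform software ships Windows binaries, but a PE file next to a bundled runtime in a download from an untrusted source is a reason not to open it.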

Users should be cautious about downloading any software from untrusted sources such as torrent sites. Torrent sites let users download any type of software, movies, games, etc., which leads to a "Wild West" scenario where all bets are off as to the type of files that you're actually downloading.

It's also wise to ensure children are not accessing these sites, and to block access to torrent resources on company networks.

https://arstechnica.com/information-technology/2019/02/clever-trick-uses-windows-executable-file-to-install-malicious-payload-on-macs/