Macs impervious to Malware? Think again.

Computers showing malware and virus warnings

In the past, before the rise of Apple that began at the turning of the Millennium, it was quite rare for Apple’s computers to be the targets of viruses, trojans, worms, and other types of malware. Those were usually reserved for the Microsoft Windows platform, more popular at the time and less controlled than the MacOS.

However, in today’s times of the internet and the popularity of Apple, there’s greater risk of being susceptible to attacks from malware. These attacks usually occur when accessing links or files, such as clicking on ad banners online, downloading software from crowd-sharing means such as through torrent files, and clicking on attachments in emails, even if those emails are from known sources.

One recent malware called “Searchmine.net” is an example of malware that infects the MacOS. It targets web browsers such as Chrome, Safari and Firefox. The malware has the ability to change the browser’s homepage, new tab page or default search and take measures to prevent users from changing those settings back. This can allow the malware designers to track users’ browsing habits, and target them with customized ads, or sell this information to 3rd parties.

Unfortunately, accessing the location where the application is installed and removing it will not cure the issue, as this malware is persistent. Scanning with an application like Malwarebytes, frequently used to assist in detection and removal of items such as this, will be fruitless as well, as Malwarebytes has difficulty detecting the application. With Malwarebytes being ineffective, the next step of researching online for other tools to remove Searchmine can reveal potential solutions. However, some of these “solutions” could actually be additional malware that cause additional problems. And they are not inexpensive to use, even if they don’t have bad intentions and actually solve the problem.

For users of the Chrome browser, a recent tool developed by a product expert appears to remove the malware through the running of a script in the MacOS Terminal application. The Terminal application is a way to run processes and navigate the Macintosh file structure through a text command line interface. This script method has been shown to work. Instructions on its use can be seen at this link. If you have questions on its use or need assistance, don’t hesitate to contact us.

As for users of Safari and Firefox, the solutions don’t appear to be as clear. It is best to contact us to ask questions or have us address the issue . As a general tip for users, it is a smart move to not download files from sources that are not trustworthy. Also avoid clicking on banners on sketchy websites, and beware of clicking on email attachments, especially from untrustworthy sources.

For users with recent versions of the MacOS, you can read this site on how to take some steps to protect your Mac from malware. For Safari users, this page on Apple’s site explains how to block pop-ups in Safari, and gives tips on dealing with pop-ups in general to protect the user’s system from potential infections.

Tips for resolving iCloud password issues

Person holding iCloud picture with Blue Sky in the background

On July 4th, Apple experienced issues with most of its iCloud services, per this site. End-users were having trouble signing into iCloud and accessing their accounts, along with Photos, Mail, Backup, Find My Friends, Contacts, Calendars, and more seeing downtime. Apple Stores were also reportedly affected by the outage and were not able to process transactions.

While this issue was eventually resolved by Apple, there could be other times where iCloud has issues and end-users are asked for a password. End-users will tend to try their known password, which in these times will not work. After trying multiple times, end-users will then think they have the wrong password and try another password, which gets saved in the keychain and is wrong. 

This will result in the following scenario for the end-user: 

  • Lost access to their account.
  • Not understanding why they lost access.
  • Not knowing what password is the truly correct password.

This can lead to all sorts of issues. For example, Denial of Service attacks can be leveraged to get end-users to use side channels, and these side channels can be loaded with spam and other undesirable internet materials. In the event there are issues with iCloud and passwords, it is recommended to do the following procedure:

  • At the first prompt for a password for an account that has been working fine up to that point, just ignore for a few minutes. 
  • After this, the first move should be to power cycle the computer (shut it down (not restarting), giving the computer 5-10 seconds to rest, and then powering it back on). 
  • If it is still asking for a password that worked previously, check for service interruptions and/or contact tech support. 
  • If the account is of security concern, consider logging into the account via a different method and reset the account password. 
  • Make sure you didn’t get locked out by a hacker. It is important that you determine this ASAP because the longer you wait after they log you out, the more time they have to get into other accounts and lock you out. 
    • If you find you have been locked out of your account, change passwords in your other accounts, starting from highest priority to lowest.

If you have any questions, or would like to discuss further, let us know!

IMPORTANT: Voluntary Recall/Replacement Program for certain MacBook Pro laptops

Apple MacBook Pro sitting on a wood desk

Per this notice on Apple’s website on June 20th, Apple announced a voluntary recall of a limited number of older generation 15-inch MacBook Pro units which contain a battery that may overheat and pose a safety risk. The units were sold primarily between September 2015 and February 2017 and can be identified by their product serial number. The recall does not affect any other 15-inch MacBook Pro units or other Mac notebooks.

This article details that users who have MacBook Pros that were manufactured should check to see if their computer is involved. Instructions are given on how to check for this in the linked website above. This is vitally important due to the potential safety hazard involved with affected computers.

Please let us know if you have any questions or would like to discuss further.

Did you know: Easy way to add items to the Mac Dock

Apple Macintosh Desktop with Dock displayed

Most users know that it’s possible to add items to the macOS dock by dragging and dropping an icon onto the Dock. However, there’s another way that you can add anything instantly to the Dock on macOS with a keyboard shortcut.

Here’s the process:

  • Navigate to the item you want to add to the Dock in the Finder
  • Select the item to add to the Dock in Finder
  • Now hit the keyboard shortcut: Control+Shift+Command+T

If you’d like to know other time-saving tips, let us know!

Google urges Chrome users to upgrade to latest version

MacBook Pro with Google website displayed

Due to a security vulnerability, Google is urging users of their Chrome web browser to update to the latest version. As the article mentions in the first link below, Chrome updates are usually automatically performed.

To see the current version of Chrome on a Mac, you can access the Chrome menu in the top left while in the browser and choose “About Google Chrome”. The second of two links below explains how to check if on a Windows-based PC.

This is another example of ensuring that your software is kept up to date.

https://www.pcmag.com/news/367015/stop-what-youre-doing-and-update-google-chrome

https://www.pcmag.com/feature/364079/how-to-update-google-chrome/2

Hackers use malicious Windows file to access MacOS

Mouse pointer hovering over the word "Security"

Hackers are utilizing the file type “.exe” to unload malicious software onto MacOS powered computers. As the article linked below mentions, by default, .exe files won’t run on a Mac. The malicious download worked around this limitation by bundling the .exe file with a free framework known as Mono. Mono allows Windows executables to run on MacOS, Android, and a variety of other operating systems.

Users should be cautious of downloading any software from insecure resources such as Torrent sites. Torrent sites provide users with the ability to download any type of software, movies, games, etc, which leads to a “Wild West” scenario, where all bets are off with the type of files that you’re actually downloading.

It’s also wise to ensure children are not accessing these sites either, and to block access to Torrent resources on company networks.

https://arstechnica.com/information-technology/2019/02/clever-trick-uses-windows-executable-file-to-install-malicious-payload-on-macs/

Beware Malicious Internet Browser extensions

Apple iPhone showing Google Chrome logo

A quick summary from the article of steps to take in regards to browser extensions that can be installed for Chrome and other similar Web browsers:

  • Don’t install software that you cannot read and asks for intrusive permissions.
  • If something seems off, it probably is. Evaluate what might cause your user journey to change.
  • Periodically evaluate what extensions you have on your browser — remove those you don’t use anymore.
  • If you have an extension on your browser that you use, seek an open-source version/alternative or disable automatic updates from the Chrome store — make sure you audit the code or find someone reliable and trustworthy to.

https://medium.com/mycrypto/the-dangers-of-malicious-browser-extensions-ef9c10f0128f