Compared to Windows users, Mac users have been relatively unaffected by malware attacks. Cybercrooks, however, are just as aware as antivirus vendors are about Mac vulnerabilities. With the growing number of Mac users, cybercrooks see more potential for malicious activities, especially as Mac users tend to have a false sense of security and not usesecurity software. You only have to read this blog to learn that cybercrooks are adapting Windows malware to target their Mac counterparts.
We should never underestimate Mac security. Avast! Free Antivirus for Mac offers free protection against the latest malware designed to attack Mac operating systems. As all other Avast security products, the Mac version participates in frequent, independent tests. Recently avast! Free Antivirus for Mac was not only certified by AV-TEST but it also received 100% in the latest Mac Security Test & Review conducted by AV-Comparatives in July-August.
We are proud to share the results with you!
More about AVAST’s performance in both tests.
A major Apple security flaw allows cybercrooks and spies to grab personal information like email, credit card numbers, and other sensitive data. Apple confirmed researchers’ findings that the same SSL/TSL security flaw fixed with the latest iOS 7.0.2 update is also present in notebook and desktop machines running OS X.
Please apply the patches as advised in this post.
It is clear that we need constant protection to cover flaws that will always exist; flaws that we are not even aware of. Reuter‘s reported that
The bug has been present for months, according to researchers who tested earlier versions of Apple’s software. No one had publicly reported it before, which means that any knowledge of it was tightly held and that there is a chance it hadn’t been used.
But documents leaked by former U.S. intelligence contractor Edward Snowden showed agents boasting that they could break into any iPhone, and that hadn’t been public knowledge either.
It’s very public now, and that means the race is on between cybercrooks to exploit the flaw and Apple to fix it. You are exposed until the bugs are identified by the vendor, a patch is created, and it’s pushed out or you install it. Your vulnerability increases when you use public WiFi Hotspots.
Your best protection is constant protection
It’s precisely because we put ourselves at risk by using free WiFi, and we don’t know when the next security crisis is coming that we need constant protection. SecureLine VPN is that protection. Read more…
Apple iPhone, iPad, and iPod users: Update your mobile operating system iOS now to patch a serious SSL encryption bug that opens you wide to a “man-in-the-middle-attack,” (MITM) especially when you use unsecured WiFi, for example at a cafe, hotel, or airport, even at your home. The flaw is “as bad as you could imagine” says one cryptography expert.
What is protected and what’s not
The 7.0.6 update is for all devices that can run iOS 7; iPhone (4 and later), iPod touch (5th generation) and iPad (2nd generation).
The iOS 6.1.6 update is for the iPhone 3GS and fourth-generation iPod touch.
ATTENTION: The bug still exists in Apple’s Mac OS X 10.9.1 desktop operating system and there is no patch for it at this time.
- 1. Plug the device into your computer
- 2. Open iTunes
- 3. Click the device name
- 4. Click the button that says, “Check for update”
The best protection is VPN
This security flaw allows a cybercrook to use an insecure WiFi connection to put a man electronically “in the middle” of the transactions you make on your iPhone or iPad to intercept data.
“The flaw is in SSL, and the easiest way to exploit that is via unsecure/public WiFi,” said Ondřej Vlček, AVAST’s COO told Apple users in San Francisco before the annual RSA conference begins. “avast! SecureLine VPN for iOS can protect against the Apple security bug.”
The MITM attack gives them access to the information you thought was secure like credit card numbers. The best protection is to plug that hole with a VPN product.
How to get avast! SecureLine
avast! SecureLine VPN is available as a monthly or yearly subscription for iOS in the Apple App Store.
Watch this video for more information on avast! SecureLine VPN
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.
By definition, Adware is a program bundle which renders advertisements in order to generate revenue for its author. In a more strict sense, e.g. for security solutions, it means an application/installer whose nature lies somewhere between a potentially unwanted application and proper malware, like Trojans or Spyware. It might use more or less aggressive methods, starting with tricks and ending with fraud, to achieve its goals to benefit its distributor, while staying as innocent as possible on first sight. We blogged about an adware downloader a year ago.
Now we focus on two selected adware examples: The first is a Windows installer called Linkular and the second is a well-known application called Genieo (with a focus on its OS X version.) Being in the wild for a few months, the detection within AV products reached only partial coverage in both cases, with very similar numbers on VirusTotal (~10-20 %, see Sources below). However, the OS X adware Genieo is additionally flagged by OS X-specific security solutions. Considering maliciousness, the Windows adware is far more dangerous and invasive than the OS X one and also more than other Windows Adware examples we usually see. Here’s the comparison:
|Distribution strategy||Advertisement Network||unknown|
|Software Download site||coolestmovie.info||www.genieo.com|
|Rank on alexa.com||~4200||~3000|
|Masking||VLC Player + Addon||Flash Player (*)|
|Payload||SpeedUpMyPC; Multiplug; Bitcoinminer;OneStep/BasicServe||Codemc; Photo.it; Qtrax(**)|
|Change of browser start page||YES||YES|
|Persistance||YES (of payload)||YES|
|Obfuscation||YES (of payload)||NO|
|Digitally signed||YES (both installer & payload)||YES|
(*) masking is not connected with the official site, but some of its distribution partners
(**) related to older installers; not presented anymore
Compared to Windows, Mac users have been relatively free from malware attacks. But cybercrooks are just as aware as antivirus vendors of the behavior of users and their false sense of security and their habit of browsing the internet without security software. You only have to read this blog to learn that cybercrooks are adapting Windows malware for use on their Mac counterparts.
AVAST aces malware detection test
Over 300 malware samples and 35 applications were used to measure the effectiveness of products built specifically for Mac in a recent SecuritySpread.com test. Multiple machines running different operating systems were used to ensure the reliability of the test, and for real-world results, Macs that are used every day for a range of tasks from web development, media center, movie editing to gaming were included. avast! Free Antivirus for Mac had the highest detection rate among them all. The results can be found here.
The Security Spread test was done with avast! Free Antivirus for Mac 7, but in preparation for the official public release of Mac OS X 10.9, aka Mavericks, avast! Free Antivirus 8.0 has been released. The changes are mostly under the hood, and it requires version 10.6.8 or newer. Download it here.
On Friday, July 12th a warning from an AVAST fan about a new polymorphic multisystem threat came to an inbox of AVAST. Moreover, an archive of malicious files discussed here were attached. Some of them have been uploaded to Virustotal and therefore they have been shared with computer security professionals on the same day. A weekend had passed by and articles full of excitement about a new Trojan for MacOs started to appear on the web. We decided to make a thorough analysis and not to quickly jump on the bandwagon. The key observation is that the final payload comes in the form of scripts needed to be interpreted by Windows Script Console resp; Python in the case of MacOs. Moreover a script generator that creates new malicious Windows file shortcuts was also included.
A chain of events that installs a malicious Visual Basic script on Windows platform looks like this:
When the mastermind hackers of the notorious Carberp Banking Trojan were arrested, we thought the story had ended. But a sample that we received on May 7th, a month after the arrests, looked very suspicious. It connected to a well known URL pattern and it really was the Carberp Trojan. Moreover, the domain it connected to was registered on April 9th!
Taking a closer look into the PE header, it was observed that the TimeDateStamp (02 / 27 / 13 @ 12:19:29pm EST) displayed a bit earlier date than the date of the arrests of the cybercriminals, and the URL was a part of larger botnet where plenty of Russian bots are involved. So the case was closed as a lost sample within a distribution process.
After using our internal Malware Similarity Search to catch as many malware samples as possible, a cluster appeared. It contained some well-known families like Zbot, Dofoil, Gamarue, and some fresh families like Win32/64:Viknok and Win32:Lyposit. The latter is a dynamic link library and it caught our attention by a quite sophisticated loader and a final payload. Read more…
avast! Free Antivirus for Mac was launched a mere week ago, and it only took three days to reach the #1 position on CNET’s download.com. avast! Free Antivirus for Mac fulfills the need for quality security just as the Mac community is recovering from the high-profile Flashback Trojan that infected 600,000 Macs. Many people realize now that OS X is not immune to attack, and new OS X malware is demonstrating how unprotected Macs can be infected when a user simply visits a website.
avast! Free Antivirus for Mac contains the same light, award-winning, certified, and highly acclaimed antivirus and anti-spyware engine as its avast! version 7 Windows counterpart. Learn more about it here.
Win a MacBook Air
Thanks to loyal avast! users like you, avast! is the most liked antivirus on Facebook. As of this writing, we have over 1.1 million likes and rising. Thanks, avast! fans.
Like avast! on Facebook and enter to win a MacBook Air! Take a photo of yourself with an apple and submit it to our contest by Friday, May 18. You must be a registered avast! user and a fan of avast! on Facebook. After the photos are in, the fun begins when all the participants vote for their top 5 favorite photos. Those five will each win a MacBook Air! So get those apples polished and cameras snapping. We want your best photo!
Mac computers running the beta version of avast! Free Antivirus for Mac were not infected by the Flashback Trojan.
“We’ve confirmed our app’s detection abilities for Flashback within the test lab and with reports from our beta testers,” says Jiri Sejtko, director of AVAST Virus Lab operations.
The Flashback Trojan linked to the Mac botnet is a derivative of last year’s DevilRobber Mac OS X Trojan. The AVAST Virus Lab now has 18 variants of this malware in its antivirus database.
“With an estimated 600,000 infected Macs, this botnet is just a large example that the Apple operating system is not immune from malware,” said Jiri. “Add a growing market share that makes Mac an attractive target for the bad guys together with a user base that insists they do not need a security app – you have all the conditions in place for an epidemic to rip through.”
The latest Flashback variants can infect vulnerable Macs without requiring the victim to enter a password. “Mac malware has historically been dependent on social engineering – convincing the user to enter the required password. Now these days are over and Mac users can pick up malware just by visiting an infected website,” adds Jiri. “Welcome to the real world.”
Flashback is a logical step in Mac malware’s steady evolution, he points out. Initial malware samples were rather simple, just compiler-generated code, with no encryption whatsoever, but it has since evolved to be more “custom”, with encrypted strings and code, and structured to avoid security apps like LittleSnitch(firewall software for Mac OS) or Apple’s XProtect. During 2011, there were some large-scale attempts to spread Mac malware via Google Image poisoning.
“It takes 1-2 years for malware guys to adapt to a new technology – it took a similar time when they switched from DOS to Windows. This latest botnet did not fall out of the clear blue sky. The conditions have been building for some time and I’m glad that our security app will soon be available for Mac users,” says Jiri.
avast! Free Antivirus for Mac is currently in the late BETA stage. It includes the latest avast! antivirus engine, three shields (Web, File, and Mail) and the WebRep reputation and anti-phishing plugin for Safari browser. avast! Free Antivirus for Mac builds on the AVAST Software tradition of providing a full-fledged security app which is completely free. More details coming very soon.
Apple’s ‘cloak of invulnerability’ has lately been shredded by the MacDefender fake antivirus and the Pinhead and Boonana Trojans. Don’t worry, be proactive. Here are five tips to make your Mac more secure:
1. Don’t use ‘automatic login’
It’s cool to turn your computer on and instantly use it. But troubles can start when a computer is turned on by someone other than its owner… If you are concerned about your sensitive data, you can encrypt or simply disable the ‘automatic login’ function. Here’s how to do it:
1) Go to System Preferences > Security
2) Authenticate yourself by clicking Click the lock to make changes
3) Check Disable automatic login Read more…