A new piece of Mac malware is making the rounds. OSX/MaMi hijacks macOS’s DNS settings to intercept traffic by routing it through malicious servers. Additional capabilities, which didn’t seem to be active in the version that researcher Patrick Wardle analyzed, include taking screenshots, generating simulated mouse events, persisting as a launch item, downloading and uploading files, and executing commands. The motive, author, and how OSX/MaMi is spread are currently unknown, and when the Hacker News article was published, antivirus apps weren’t able to detect it. To see if you’re infected, check your DNS settings in System Preferences > Network, and look for the DNS servers 126.96.36.199 and 188.8.131.52. But unless you did something to bypass macOS’s Gatekeeper security, you likely have nothing to worry about since the malware’s executable isn’t signed by Apple.
Apple provides some fantastic images for use as Desktop backgrounds and screensavers, but if you like seeing pretty pictures regularly, you’ll get bored with Apple’s tiny collection. Happily, Mac developers have tapped massive Internet photo sites to give you an inexhaustible set of beautiful photos to dress up your Desktop, screensaver, and browser windows.
Bitdefender Labs has issued a warning about an app called EasyDoc Converter, saying that it’s dangerous malware that could give an attacker complete control of your Mac. EasyDoc Converter was available at the reputable MacUpdate Web site, and testers at Tom’s Guide were able to install it despite Gatekeeper being set to allow apps only from the “Mac App Store and identified developers.” Interestingly, the malware will not install if you have Objective Development Software’s Little Snitch network-monitoring utility installed. Read this as yet another reminder to be extra careful about what you install on your Mac — stick to software from reputable developers.
Six months in, the tvOS ecosystem feels a bit empty. “Take Control of Apple TV” author Josh Centers investigates to find out why.
There’s a poorly worded checkbox buried in the App Store pane of System Preferences that, if you misinterpret the interface, can result in your Mac failing to download critical anti-malware data. Adam Engst unwittingly had it set wrong, and if you do too, read on to learn how to get it right.
Version 2.90 of the Transmission BitTorrent client came with an unwanted feature: the KeRanger ransomware, which may be the first bona fide ransomware for the Mac. Three days after being installed, KeRanger begins encrypting files, and affected users must pay a ransom of 1 Bitcoin (about $400) to get their files back. Thankfully, Apple and the Transmission developers worked quickly to mitigate the attack. Apple revoked the stolen certificate used by KeRanger, so it will no longer work on Macs protected by Gatekeeper, and the Transmission Project has updated Transmission to 2.92, which automatically removes KeRanger if it’s present. If you have Transmission installed, update it immediately, and if you’ve turned off Gatekeeper for any reason, turn it back on by going to System Preferences > Security & Privacy and selecting Mac App Store and Identified Developers under Allow Apps Downloaded From. And keep good backups!
A vulnerability associated with the Sparkle software updater leaves many popular apps open to attack. Josh Centers explains who’s at risk and what to do about it.
It’s not new, and Apple doesn’t show it much love, but the ubiquitous Services menu can be a productivity powerhouse. Josh Centers explains how to use it and even how to make your own services.
XcodeGhost is a new piece of malware that uses modified versions of Xcode to insert malicious code into popular iOS apps. This appears to affect only Chinese apps, because bandwidth limitations in China are what prompted developers to download modified copies of Xcode from unofficial sources, rather than going straight to Apple.
Want to open your favorite Web apps faster? Adam Engst shares the best way to turn a Web app into a native Mac app via a hidden feature in Google Chrome.
In this chapter we continue by looking at some security settings that require a bit more explanation and thought. That includes a discussion of OS X’s Gatekeeper and sandboxing security features, some basics for using user accounts more securely, and a couple of quick suggestions about sharing files, your screen, and other resources.
In this week’s chapter of the streamed “Take Control of Security for Mac Users,” Joe Kissell explains how to use OS X’s Gatekeeper technology to protect yourself from malicious apps, helps you set up user accounts for optimal security, and looks at how to share resources on your Mac securely.
As the recent celebrity photo thefts showed, Apple now faces cloud security challenges that few other companies — even international banks — have had to address so far.
If you’ve wanted to run a wiki or a blog using OS X Server, you don’t need to enable the Web service and install complex software. Instead, read this latest chapter of “Take Control of OS X Server,” where Charles Edge explains how to create and run your own wikis and associated blogs.
Maintenance update for the popular audio editor. ($32 new, free update, 14.5 MB)