Posted on 07/01/2019 8:16:13 AM PDT by Swordmaker
New Mac malware in the wild evades security software, researchers
Roger Fingas for AppleInsider:
Newly uncovered Mac malware is not only in the wild, but trying to avoid detection by security researchers, according to one such firm.
Dubbed CrescentCore, the malware comes, as it usually does, in the form of a DMG file pretending to be an Adobe Flash Player installer, Intego said. If someone launches its contents, the software will check to see if it’s running inside a virtual machine, a way researchers often quarantine their subjects.
The malware also checks for several popular antivirus tools, and if it detects them, will simply stop running. If there’s nothing in the way, one version will install LaunchAgent, described as a persistent infection, while another will install either Advanced Mac Cleaner or a Safari extension.
The team at Intego has observed OSX/CrescentCore in the wild being distributed via numerous sites. Mac users should beware that they may encounter it, even via seemingly innocuous sources such as Google search results.
The new malware was first observed linked from a site purporting to share digital copies of new comic books for free, one of many shady sites that flagrantly violates U.S. copyright laws.
Potentially harmful download links are commonly found on digital piracy sites that claim to offer download links for cracked copies of software, popular movies, and other copyrighted content that cannot be legally obtained for free. It is quite common for links on such sites to send users to malware, scams, or both.
If you MUST have Adobe Flash, only download it, or its updates from the official Adobe website, never from an email or a screen pop-up alert telling you that you need to do an update, as all of these are bogus.
If you want on or off the Apple/Mac/iOS Ping List, Freepmail me.
Steve Jobs was certainly correct in his recognition that Adobe Flash was a security nightmare. He saved many an Apple customer from their own personal cyber nightmare.
Hmmm, makes you wonder who is putting them there?
VirtualBox is your friend. If you are doing anything sensitive, always do it from a Virtual Machine.
People still use flash? Why?
Must be a Mac thing, always stuck in the past, like their hardware options and prices
If at least, you don’t have a Password manager by now you are the problem, just as much as the hackers.
Any new machine I set up gets flash and java removed immediately.
Unrelated, we are enjoying our Apple TV. It is reasonably priced and integrates all of third party applications like Sling, Netflix, etc. Makes streaming a lot easier.
Very nicely designed.
We picked up a second box.
I’m pretty sure I have it floating around on my computer... I have a persistent Adobe Installer for some time that I refuse to install.
Ah. So it presents from a non-official site masquerading as Adobe, or someone who looks for a download site and just clicks on one?
Nope... Apple was the first to kick Flash to the curb. You can install it manually, but Safari (and probably other browsers as well) will quarantine it, and warn you and make you confirm you want to use it every single time a website asks for it. I have a long range shooting simulator that runs locally that still uses it, but never allow it to be used online... which reminds me that I should check if a more modern version is now available.
Actually, it’s not. Apple was the first to banish Adobe Flash Player. As for pricing, one of my clients is planning on upgrading the 10 business grade PCs in his two offices this summer so I went shopping to find name brand mid-range Windows 10 Pro equipped PCs. Almost every single one in the specifications required were MORE expensive than an equivalent Mac with similar hardware specs WITHOUT the suite of software the Apple includes as a matter of course. We are talking Dell, Lenovo, or HP as name brands with modern Intel i5 or greater processors with a minimum 8GB of RAM and either a 256GB SSD or a 1TB HD plus a high-definition monitor (greater than 1080P) of at least 20". Many of the brands’ all-in-one PCs had very old versions (four or even five generations back) of the i3/i5 processors, often came preinstalled with Windows 10 Home, or only with 4GB of RAM, requiring a lot of extra prep to bring them up to future proof them.
Frankly, I was quite surprised. The least expensive Dell was competitive with the i3 8GB RAM with 128GB SSD Apple Mac Mini when configured in a similar way. The only way to buy a really economical, lesser expensive Dell was to opt for a 4GB RAM Pentium driven Dell desktop. Now that’s really old tech.
[[VirtualBox is your friend. If you are doing anything sensitive, always do it from a Virtual Machine.]]
Great point- if you must use flash, open up virtualbox, then go to the site- just another added safety measure-
One thing i always used when i ran windows as main os was rollbackRX- IF i ever got a virus, which was very rare- (or something just messed up on computer that i couldn’t figure out) I could do a complete rollback to a time before i got the virus- You can install your OS, get all your programs on, updated, set windows up how you like it- then do a baseline system snapshot- as your ‘last resort’ snapshot- when everything else fails- then do snapshots along the way whenever you have major changes-
What i like about rollbackRX is that it runs before windows starts up if you want- gives you a list of snapshots to restore to before windows loads- and it restores EVERYTHING- just the way it was before you got the virus-
I know this is Mac thread- but for those who are also windows users- I’d highly recommend rollbackRX- Saved my bacon many times- easy peasy too- no hunting down virus files on computer- no quarantines- nothing, just do a rollback-
The only thing is that it hooks into the master boot record- so that it can start before windows boots-
Anyways- anyone interested- check it out- i never worried about viruses, or messing up the computer by mucking with the registry or anything like that- was free to try things without fear of having to do a reformat because something got messed up- just did a rollback and in 2 minutes was back up and running- I went for years like that when i ran windows as main os- very very pleased with the program-
how do you watch youtube videos then? Or do you?
I love the videos where the Scammers get scammed, and they think they put the virus on their computer, only to be told that they were running VirtualBox, meanwhile the Scammer’s PC gets Syskey’d.
I thought YouTube videos are now HTML5. No plugin required.
oh that’s right- I forgot about that- i just install linux, and it automatically sets it up i guess- there was a time a while back when they were switching that we had to get plugins for firefox to make html5 work- but not anymore i guess- so i forgot about it being html5
Flash I understand, but what is the beef with Java? There are some cross-platform products that need it. (Notably for me: Apache Directory Studio.). Also, some people use it (? still ?) for server programming.
lol sounds funny- haven’t seen those vids-
Here’s a funny vid with someone scamming a scammer- The dude pretends to be a policeman at a murder scene where the scammer is calling to- it has a little swearing in it- just the word A%&- but it’s pretty funny- listen to the last question he asks the dude too- The scammer is like “Whaaaaaat? Noooo!” i was rollin-
https://www.youtube.com/watch?v=-7OgWcwgB50