A macOS malware discovered in April has found a new vector of attack, with people searching for software on Google finding malware presented as legitimate ads.
The “original” article is the one I linked - the one written by the actual security researchers at MalwareBytes who did the research on this malware and then provided the detailed write up (which is what security researchers do). The one shared in the OP is referencing that article.
But it’s all good. All you had to do was tell me you can’t read and I would’ve backed out of this thread like 2 responses ago. :) Have a great night!
Explicitly by the users negligence, same as any negligent user installing some freeware on windows and ending up with BonziBuddy and 34 search bars in their browser. Or alternately, by clicking “Ignore” on on an alert in their AV and proceeding with the installation anyway.
Sure but actually no as that literally wouldn’t be able to happen on windows. Windows will immediately quarantine any flagged files and they won’t be able to launch without the user having to jump through some rather extravagant hoops. Since you mentioned bonzibuddy and search bars I’m gonna go ahead and assume you haven’t looked at a Windows PC in the last 15 or more years so I guess that would explain your misunderstanding on this subject
My main PC is a windows PC (mainly for video games and music production). I also have a Macbook for my work as a (currently) Lead Systems Automation Engineer for a large global company (14 years in the industry, 3.5 of those was me “taking a break” and going into Infosec specifically to first do endpoint/end-user security, then moving into container and cloud security) a personal Macbook, as well as a few Linux laptops I use to write code and do other tech-related things because I prefer MacOS and Linux for that kind of work. I’m well-exposed to most operating systems and have a working knowledge of how security works, both in a professional setting as well as a personal one.
I mention BonziBuddy and search bars because they’re funny and to illustrate a simple point. The reality is that browser hijackers still very much exist (though they’re not as prevalent as they used to be because browsers themselves have become more resilient over the years - nowadays, they’re usually found in add-ons/extensions because its easier to fly under the radar that way).
For all the shady shit I’ve done on all of the above platforms, I’ve never had an issue. Specifically in Windows, Defender - which is still the de facto/standard security tool that comes bundled with Windows under the Windows Security tool suite - has not once flagged malware for me. I’ve found it with Avast and BitDefender, but Windows Defender simply isn’t great for the things I do.
I also run ClamAV on the Macbook for ad-hoc scanning of things I download prior to running them. Why? Because I’m not a negligent user and I do at least the bare minimum in regards to good security practices.
In every one of the above cases/operating systems/platforms, there is always some kind of security tooling or framework involved (whether that’s ClamAV on Mac, BitDefender or ClamAV or MalwareBytes or whatever on Windows, SELinux or AppArmor or ClamAV on Linux) that can and should be leveraged if you really want to be “safe.”
In the case of AMOS and Macs, users are purposely bypassing Gatekeeper and proceeding without knowing wtf they’re installing. As soon as Gatekeeper pops up like that, you should be on alert unless you know the software you’re installing isn’t signed, trust the source, and are willing to codesign it yourself.
You, on the other hand, clearly seem to have some kind of gripe against Macs (based off of your comments in this now far-too-long comment thread) and that kind of weird quasi-religious brand loyalty (or hatred) is a thing I’ll never understand.
The fact that you’re out on a public forum, spewing bad info/misinformation really says everything. Not that you care, but I’d have respected you more if you just admitted you were wrong and misread the bit about the Google ads. Instead, you decided to be confidently dumb and jump from hill to hill, prepared to die on each one of them.
I mean that’s a lot of words to summarize you didn’t really get what’s going on. End result there is still no grounds on which to blame Google for any of this and the only one responsible here for protecting the user is Apple. No real way to slice it otherwise but I’ll tell you this much, nobody is asking you to defend the biggest company in the world.
I’m not defending shit and frankly, I give up. That “a lot of words to summarize” was an offer of my credentials and experience doing engineering and information security work and you clearly showed, once again, that no one ever actually taught you how to read.
You’re either incredibly stupid or trolling for responses and I’m not interested in dealing with either any further.
Yeah you blathered on about nonsense telling me your life story as if it matters. It doesn’t, you can’t try and throw weight around trying to say you have a more legitimate background and understanding and then be absolutely wrong about something. It’s goddam insane, and you should feel bad for trying to manipulate people, it’s not going to work with me but there are plenty of other people who do read the comments and you are doing nothing more than being manipulative. So STOP
Alright, quiet down, dummy. Conversation’s over and the only thing you’ll find by continuing to come back here is me further insulting you for not being able to read a simple sentence, understand it, and then getting all pissy about it when someone calls you on it. Go find an actual Apple fanboy to pull your shit with.
The “original” article is the one I linked - the one written by the actual security researchers at MalwareBytes who did the research on this malware and then provided the detailed write up (which is what security researchers do). The one shared in the OP is referencing that article.
But it’s all good. All you had to do was tell me you can’t read and I would’ve backed out of this thread like 2 responses ago. :) Have a great night!
I mean, at the end of the day the malware is being allowed to install on the computer is it not?
Explicitly by the users negligence, same as any negligent user installing some freeware on windows and ending up with BonziBuddy and 34 search bars in their browser. Or alternately, by clicking “Ignore” on on an alert in their AV and proceeding with the installation anyway.
Sure but actually no as that literally wouldn’t be able to happen on windows. Windows will immediately quarantine any flagged files and they won’t be able to launch without the user having to jump through some rather extravagant hoops. Since you mentioned bonzibuddy and search bars I’m gonna go ahead and assume you haven’t looked at a Windows PC in the last 15 or more years so I guess that would explain your misunderstanding on this subject
My main PC is a windows PC (mainly for video games and music production). I also have a Macbook for my work as a (currently) Lead Systems Automation Engineer for a large global company (14 years in the industry, 3.5 of those was me “taking a break” and going into Infosec specifically to first do endpoint/end-user security, then moving into container and cloud security) a personal Macbook, as well as a few Linux laptops I use to write code and do other tech-related things because I prefer MacOS and Linux for that kind of work. I’m well-exposed to most operating systems and have a working knowledge of how security works, both in a professional setting as well as a personal one.
I mention BonziBuddy and search bars because they’re funny and to illustrate a simple point. The reality is that browser hijackers still very much exist (though they’re not as prevalent as they used to be because browsers themselves have become more resilient over the years - nowadays, they’re usually found in add-ons/extensions because its easier to fly under the radar that way).
For all the shady shit I’ve done on all of the above platforms, I’ve never had an issue. Specifically in Windows, Defender - which is still the de facto/standard security tool that comes bundled with Windows under the Windows Security tool suite - has not once flagged malware for me. I’ve found it with Avast and BitDefender, but Windows Defender simply isn’t great for the things I do.
I also run ClamAV on the Macbook for ad-hoc scanning of things I download prior to running them. Why? Because I’m not a negligent user and I do at least the bare minimum in regards to good security practices.
In every one of the above cases/operating systems/platforms, there is always some kind of security tooling or framework involved (whether that’s ClamAV on Mac, BitDefender or ClamAV or MalwareBytes or whatever on Windows, SELinux or AppArmor or ClamAV on Linux) that can and should be leveraged if you really want to be “safe.”
In the case of AMOS and Macs, users are purposely bypassing Gatekeeper and proceeding without knowing wtf they’re installing. As soon as Gatekeeper pops up like that, you should be on alert unless you know the software you’re installing isn’t signed, trust the source, and are willing to codesign it yourself.
You, on the other hand, clearly seem to have some kind of gripe against Macs (based off of your comments in this now far-too-long comment thread) and that kind of weird quasi-religious brand loyalty (or hatred) is a thing I’ll never understand.
The fact that you’re out on a public forum, spewing bad info/misinformation really says everything. Not that you care, but I’d have respected you more if you just admitted you were wrong and misread the bit about the Google ads. Instead, you decided to be confidently dumb and jump from hill to hill, prepared to die on each one of them.
I mean that’s a lot of words to summarize you didn’t really get what’s going on. End result there is still no grounds on which to blame Google for any of this and the only one responsible here for protecting the user is Apple. No real way to slice it otherwise but I’ll tell you this much, nobody is asking you to defend the biggest company in the world.
I’m not defending shit and frankly, I give up. That “a lot of words to summarize” was an offer of my credentials and experience doing engineering and information security work and you clearly showed, once again, that no one ever actually taught you how to read.
You’re either incredibly stupid or trolling for responses and I’m not interested in dealing with either any further.
Yeah you blathered on about nonsense telling me your life story as if it matters. It doesn’t, you can’t try and throw weight around trying to say you have a more legitimate background and understanding and then be absolutely wrong about something. It’s goddam insane, and you should feel bad for trying to manipulate people, it’s not going to work with me but there are plenty of other people who do read the comments and you are doing nothing more than being manipulative. So STOP
Alright, quiet down, dummy. Conversation’s over and the only thing you’ll find by continuing to come back here is me further insulting you for not being able to read a simple sentence, understand it, and then getting all pissy about it when someone calls you on it. Go find an actual Apple fanboy to pull your shit with.