Any recommendations for anti-virus or anti-malware would be helpful.
In this case, don’t open or run files if you don’t know where they came from. That’s the best anti-malware. This is not something that’s going to sneak onto your computer, you have to interact with these types of attacks. Don’t interact, and you’ll be fine.
 
macOS is much more secure, but users often don't have a clue. Macs can install software from outside the App Store and, whether you like it or not, this is the main cause of malware diffusion. Cheap users want to download movies and software without paying = they get infected.

While true, there are other reasons people choose to install outside of the App Store, because with an app store come restrictive rules: if Apple do not like your social or religious views they can just kick you off the store, or if you don't pay them their 30% cut, or on iOS you are not allowed to run emulators or use a rendering engine other than WebKit... or... or... or... and they will kick you off the store...

I know we should all know this, but for everyone in the room, Macs have always been able to get a virus. They were such a small subset of the computing world that the payoff wasn't huge. Things have changed with the more mainstream adoption of Macs, and now it's open season for the bad guys.

I never believed this theory that Macs were safer because the numbers were small; sure, the threat level is lower, but there were always millions of Mac users any cyber criminal could attack and gain from. We do not have fewer viruses on the Mac, we literally had near no viruses on the Mac.
 
Agreed, but I'd also check the other in case malware has obtained elevated permissions. Obviously the user shouldn't go deleting everything they think is suspicious. Do the due diligence and check authenticity prior to deletion.
Do the due diligence and check authenticity prior to deletion.
Explain please?
 
Well how does one become infected with malware like this in the first place?

  1. You pirated software
  2. You installed shareware from disreputable places
  3. You pirated software
  4. You fell victim to phishing emails or text messages
  5. You pirated software
  6. A rogue advertisement convinced you to install some fake cleaner or antivirus app
  7. You pirated software
  8. You installed a weird game you downloaded from a weird website
  9. You pirated software
  10. You don't run an adblocker
Most of the malware out there is adware that hijacks your browser home page and search and delivers pop-ups, etc. Some install background digital currency miners. Others steal passwords and hack your bank accounts, etc. The really dangerous stuff would most likely be blocked by macOS security measures providing you've been updating macOS all along. Considerable numbers of Mac users either do not update or refuse to buy a new Mac when their old one has become obsolete. I just spoke with someone who had a 13 year old iMac. Very vulnerable to attacks.

I am not so sure I buy all the hype on XLoader. It apparently steals passwords "from web browsers and some email clients (Chrome, Firefox, Opera, Edge, IE, Outlook, Thunderbird, Foxmail)". No mention of the keychain or Safari or 1Password or the like. I would need to see the professional analysis by Check Point Software to know more.

Most of this stuff doesn't use an exploit it relies on the user granting it permissions to install and run.

The worst stuff is nation-state, such as that Messages attack that an Israeli security firm developed and only sells to governments. This is an active zero-day that Apple has yet to discover and patch. All they have to do is text message an iOS/iPadOS/macOS device and they own it. But mostly those targeted are activists and journalists, etc.
Just wondering…..what ad blocker do you use?
 
I don't even need to see that earnings day is approaching. I'll know from the media restating the outlandish or the obvious in sensational! headlines!, or a lawsuit being filed that results in incredible free media product marketing, and most importantly a big fish investor getting to artificially push the stock price in a direction that gives them an entry price that is less likely to lose.

The predictability is fun to watch though a bit sad.
 
First introduce the virus, then sell a solution. I can't put my finger on it, but it reminds me of something... I'm 10 more days in quarantine, enough time to think about it... it's on the tip of my tongue, I know I heard that concept somewhere before... if only I could remember what this reminds me of...
 
Found something at 9to5mac

1. Go to the /Users/[username]/Library/LaunchAgents directory
2. Check for suspicious filenames in this directory (the example below is a random name)

/Users/user/Library/LaunchAgents/com.wznlVRt83Jsd.HPyT0b4Hwxh.plist

If there is a file named like the one above, it's very likely you have been infected.
Do not have one. Only 3 entries of com.microsoft.EdgeUpdater. Are those malware? 😀
 
I don't seem to have a "LaunchAgents" folder in my "username" directory on my M1 MBP, however one does exist on the drive level but there doesn't appear to be anything in it. Does this issue not impact M1 machines?
 
...there is nothing in it at all...is that in of itself unusual / and/or mean I'm clean?
Nah... you are good. Mine has nothing in it either. I think most apps with launch items use the main /Library/LaunchAgents/ folder and not the user ~/Library/LaunchAgents/ folder.
 
Do the due diligence and check authenticity prior to deletion.
Explain please?
If you remove a valid file you could corrupt a valid app and have to reinstall it. Do a web search of the exact file you think could be malicious and usually one of the top hits will be a page on what that file/app does or if it's malicious.
 
The concern whenever you hear about a new piece of malware is what kind of threat is it? Worms are always the worst, since they’re self spreading, they require an easily exploitable (via automation) remote code execution bug, which is part of the reason they’re so rare today, unlike back in the days of Windows XP. Then there are viruses and Trojans and other categories of malware. Looks like this is a Trojan, what with the malware as a service model that the malware writer used. It’s hard to say what sort of campaign they pair it with to entice you to run the Trojan, odds are that it’s search result poisoning or search advertising poisoning campaigns designed to drive you to the server with it, though it looks like Formbook, the parent malware family, also propagates via phishing campaigns.
 
I wish there could be a little bit more clarity on how to really check for this. Interesting how things have come full circle. I remember years ago reading Total Panther from Macworld, where guest columnist David Pogue was bragging about Mac OS X being a better choice than Windows and the upcoming 'Longhorn' because it has a smaller user base and hackers are not interested. It was so naive to think that hackers would ignore macOS because it has a smaller user base.

These changes to the security landscape will only force Apple's hand to potentially lock down macOS, iOS-style. It wouldn't be a bad idea for the vast majority of users. Just have a special, easy-to-enable mode for power users who know what they are doing. But for grandma, Cindy and Todd, who just want email, Spotify and to download apps from the App Store, it shouldn't be a big deal.
Your wish has been granted! Anyone can choose to lock down their Mac and restrict installs to only come from the Apple Store, just like iOS does. Just go into the Security & Privacy system pref and check the option to require that all installs come only from the Apple Store.
 
Of course! MacDownloader, Safari-get, Word macro viruses, and OSX/Pirrit. Also, a virus is a form of malware.
Well, the only difference between a virus and a Trojan is how they’re spread. A virus spreads itself from an infected machine via something like email, but it still requires human intervention to run the virus and be infected. The only difference between a virus and a Trojan is how it is spread. A virus spread via email will try to convince you to open the file that comes from your contact. Turns out that virus is the file, the virus then sends itself to your contacts. A Trojan, on the other hand, can be delivered by phishing, by downloads, by similar ideas. The primary difference is whether it’s spread by an infected machine or by a server controlled by a malicious actor that hosts the file, sends out the phishing email, or some other way. I think viruses in general are less common these days, in large part because there’s not an easy way to exploit webmail or social media from an infected machine.

I’d agree that I’m definitely not aware of any worms that have ever existed on the Mac. Worms are the malware type that spread without human intervention. They seem to be fairly rare these days, as there are fewer and fewer remote code execution bugs suitable for propagating through the network on their own, and the malware market seems to find less use for them these days, relative to Trojans, adware, and ransomware. Back in the days of Windows XP, though, the worm was king, especially network scanner worms that would do an automated scan for vulnerable machines upon infection.
 
It is possible to check for its presence by using macOS's Autorun to check the username in the OS
I’ve owned Macs for years but have no idea what that means. It’s frustrating to me that these articles are more about striking fear into people than delving into ways to help users.
 
I’ve owned Macs for years but have no idea what that means. It’s frustrating to me that these articles are more about striking fear into people than delving into ways to help users.
What they mean by Autorun is what Unix and macOS call daemons.

For macOS the most common locations are ~/Library/LaunchAgents, /Library/LaunchAgents, and /Library/LaunchDaemons.

Unfortunately it isn't that simple, though. Applications can also create their own Agents and Daemons. I personally use Lingon to keep track of them and to create my own as necessary. There are probably other apps that do similar things as Lingon too.
 
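The two posts above (the 9to5mac check for an oddly named plist in ~/Library/LaunchAgents, and the list of the three launchd directories) describe a manual procedure. The script below is an added example, not from the thread, 9to5mac or any vendor, that automates the triage: it walks those directories, reads each plist with Python's standard plistlib (XML or binary), and flags items whose label looks randomly generated, whose program lives outside the usual application/system paths, or whose program file no longer exists. The "random label" rule (a dotted component of 8+ characters mixing upper case, lower case and digits), the trusted-root list and the two sample plists are assumptions made for illustration; the sample directory is constructed so the script runs without touching a real Mac.

```python
"""Triage macOS launchd persistence items (LaunchAgents / LaunchDaemons).

Added example, not from the thread. The random-label heuristic, the
TRUSTED_ROOTS list and the sample plists are assumptions for illustration.
"""
import os
import plistlib
import re
import tempfile

# The three locations named in the thread.
LAUNCH_DIRS = [
    os.path.expanduser("~/Library/LaunchAgents"),
    "/Library/LaunchAgents",
    "/Library/LaunchDaemons",
]

# Assumption: binaries under these roots are "expected"; a program run from a
# home directory, /tmp or /var/folders deserves a closer look before deletion.
TRUSTED_ROOTS = ("/Applications/", "/System/", "/Library/", "/usr/", "/bin/", "/sbin/")


def label_looks_random(label):
    """Heuristic: a dotted component of 8+ chars mixing upper, lower and digits,
    like com.wznlVRt83Jsd.HPyT0b4Hwxh from the thread. Triage hint, not a verdict."""
    for part in label.split("."):
        if (len(part) >= 8 and re.search(r"[a-z]", part)
                and re.search(r"[A-Z]", part) and re.search(r"\d", part)):
            return True
    return False


def parse_launch_item(path):
    """Extract Label, the executable (Program or ProgramArguments[0]) and RunAtLoad."""
    with open(path, "rb") as fh:
        data = plistlib.load(fh)  # handles XML and binary plists
    program = data.get("Program")
    if not program and data.get("ProgramArguments"):
        program = data["ProgramArguments"][0]
    return {
        "path": path,
        "label": data.get("Label", os.path.basename(path)),
        "program": program or "",
        "run_at_load": bool(data.get("RunAtLoad", False)),
    }


def suspicion_flags(item):
    """Return the list of reasons this item should be looked at (empty = nothing odd)."""
    flags = []
    if label_looks_random(item["label"]):
        flags.append("random_label")
    prog = item["program"]
    if not prog:
        flags.append("no_program")
    else:
        if not prog.startswith(TRUSTED_ROOTS):
            flags.append("program_outside_trusted_dirs")
        if not os.path.exists(prog):
            flags.append("program_missing")
    return flags


def audit_launch_items(dirs=LAUNCH_DIRS):
    """Parse every .plist in the given directories and attach suspicion flags."""
    results = []
    for d in dirs:
        if not os.path.isdir(d):
            continue  # e.g. ~/Library/LaunchAgents may not exist, as noted in the thread
        for name in sorted(os.listdir(d)):
            if not name.endswith(".plist"):
                continue
            path = os.path.join(d, name)
            try:
                item = parse_launch_item(path)
            except Exception as exc:  # a plist launchd cannot read is itself worth a look
                results.append({"path": path, "label": name, "program": "",
                                "run_at_load": False,
                                "flags": ["unparseable:" + type(exc).__name__]})
                continue
            results.append(dict(item, flags=suspicion_flags(item)))
    return results


def build_sample_dir():
    """Constructed sample data: one benign item and one modelled on the thread's
    random-looking filename. Returns the temporary directory path."""
    d = tempfile.mkdtemp(prefix="launchagents_demo_")
    benign = {"Label": "com.example.helper", "Program": "/bin/sh", "RunAtLoad": True}
    shady = {"Label": "com.wznlVRt83Jsd.HPyT0b4Hwxh",
             "ProgramArguments": ["/Users/user/.hidden/HPyT0b4Hwxh", "-d"],
             "RunAtLoad": True}
    for spec in (benign, shady):
        with open(os.path.join(d, spec["Label"] + ".plist"), "wb") as fh:
            plistlib.dump(spec, fh)
    return d


if __name__ == "__main__":
    for r in audit_launch_items([build_sample_dir()] + LAUNCH_DIRS):
        print("%-40s %-45s %s" % (r["label"], r["program"], ",".join(r["flags"]) or "-"))
```

Run it as-is and it prints the constructed sample plus whatever is really in the three directories. A flag means "search this name and path before touching it", in line with the advice earlier in the thread: legitimate updaters such as the com.microsoft.EdgeUpdater entries will not trip the label rule, but some genuine apps do run helpers from ~/Library/Application Support, so "program_outside_trusted_dirs" alone is not proof of infection.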
I’ve owned Macs for years but have no idea what that means. It’s frustrating to me that these articles are more about striking fear into people than delving into ways to help users.
At any rate, it appears that this malware requires user intervention to run. If you follow the best practices (don’t download dodgy software from dodgy sites, don’t click on attachments in spam emails, make sure you only download software through the company’s official site, don’t use software you’ve acquired through torrents*, install security updates, don’t bypass security features on your Mac without very good reason, be vigilant about software that requests admin permissions when you weren’t expecting it, common sense things like that), you should be protected from this and most Mac malware (same tricks usually work for modern versions of Windows, too). There are things that occasionally slip through those cracks, but they tend to be major massive front page stories when they do occur.

* Some Linux distros and large open source projects in general do have official ISOs available through p2p networks. Check the checksum on the ISO with the website, check the checksum on the torrent file, only download the torrent file from an official website. But those official ISOs are the only executable software you should download via p2p file sharing.
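The footnote above says to check the ISO's checksum against the value published on the project's website. The script below is an added example, not from the thread or any distribution, showing that check done properly: stream-hash the file (so a multi-gigabyte image never has to fit in memory), parse the standard `sha256sum` / `shasum -a 256` line format the websites publish, and compare with a constant-time comparison. File names, contents and the sums text are constructed here so it runs offline. One caveat the footnote does not mention: a checksum fetched from the same site as the download only shows the download was not corrupted or swapped in transit; projects that sign their SHA256SUMS file (for example with GPG) let you also verify that the sums themselves are authentic, and that signature check is the stronger step.

```python
"""Verify a downloaded image against a published SHA256SUMS-style file.

Added example, not from the thread. The file names, contents and sums text
in build_sample() are constructed for illustration.
"""
import hashlib
import hmac
import os
import tempfile


def sha256_file(path, chunk_size=1 << 20):
    """Hash the file in 1 MiB chunks so a large ISO is never read whole into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            h.update(block)
    return h.hexdigest()


def parse_sha256sums(text):
    """Parse '<64 hex chars>  <name>' lines as written by sha256sum / shasum -a 256.
    A leading '*' on the name (binary-mode marker) is dropped; other lines are ignored."""
    sums = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2 or len(parts[0]) != 64:
            continue
        digest, name = parts
        sums[name.lstrip("*")] = digest.lower()
    return sums


def verify_download(path, sums_text):
    """Return 'ok', 'mismatch' or 'unlisted' for the file at path."""
    expected = parse_sha256sums(sums_text).get(os.path.basename(path))
    if expected is None:
        return "unlisted"  # no published hash: you cannot call this verified
    actual = sha256_file(path)
    # compare_digest is constant-time; unnecessary for a local file but the
    # habit to keep whenever two digests are compared.
    return "ok" if hmac.compare_digest(actual, expected) else "mismatch"


def build_sample():
    """Constructed data: a 'good' image whose hash matches the sums file, a second
    image listed with a hash that does not match its content, and an unlisted file."""
    d = tempfile.mkdtemp(prefix="iso_demo_")
    good = os.path.join(d, "distro-1.0.iso")
    tampered = os.path.join(d, "distro-1.0-netinst.iso")
    unlisted = os.path.join(d, "extra-tool.dmg")
    with open(good, "wb") as fh:
        fh.write(b"pretend this is a bootable image\n" * 1000)
    with open(tampered, "wb") as fh:
        fh.write(b"pretend this is a bootable image\n" * 999 + b"one line changed!\n")
    with open(unlisted, "wb") as fh:
        fh.write(b"nobody published a hash for me\n")
    # The second line deliberately lists the good image's hash for the altered file.
    sums = ("%s  distro-1.0.iso\n" % sha256_file(good)
            + "%s *distro-1.0-netinst.iso\n" % sha256_file(good))
    return d, sums


if __name__ == "__main__":
    d, sums = build_sample()
    for name in sorted(os.listdir(d)):
        print("%-28s %s" % (name, verify_download(os.path.join(d, name), sums)))
```

The "unlisted" result is deliberate: a file with no published hash should not be reported as passing, which is exactly the trap with a torrent file fetched from somewhere other than the official site.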
 