
New Mac Ransomware Discovered
Thorzdad
Moderator
Join Date: Aug 2001
Location: Nobletucky
Jul 5, 2020, 04:33 PM
 
Researchers have uncovered a new Mac-targeted ransomware. It also targets passwords, card numbers, etc.

Short version: You have to DL warez and bypass security alerts to get it on your Mac. Still, it’s kind of an interesting development.
[set curmudgeon_mode=1]
     
ghporter
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Jul 5, 2020, 07:57 PM
 
I was recently caught by a benign-looking download. It came from a page that was supposed to give me a certificate for a continuing education course I'd just completed. Somehow the legitimate education provider's page* was corrupted with a link that said my Flash installation was out of date.

Yeah, it was Flash, but some places use Flash to customize documents on the fly, so I clicked. Obviously I shouldn't have.

It hijacked my browsers - both Chrome and Safari. And it shifted Chrome to "managed" so I couldn't even un-bork it. So I dialed Time Machine back about two days before that debacle and reloaded. Then I spent much of an evening logging back into this or that.

Now I should point out here that I'm a computer security guy from way back. Remember the Happy New Year virus, or Melissa from 1999? I do, and I spent a couple weeks rebuilding machines because some folks couldn't be trusted not to click on stuff. In other words, I should know better. And yet I still clicked the sketchy link.

So I'm betting that there will be very cool, very appealing, and very legit-looking warez that will be carriers for this particular bit of nastiness. And as if we didn't have enough else to keep our guards up about, this is something that's going to be a growing problem. Even with the built-in security of the Mac environment.

* Of course I have let the CE provider know what happened, and they sent me a link by email that did what it was supposed to do. In the future, I won't be caught like that again. It'll be some other way.

Glenn -----OTR/L, MOT, Tx
     
subego
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Jul 5, 2020, 08:09 PM
 
How much Flash needs to die can’t be expressed with words.
     
Laminar
Posting Junkie
Join Date: Apr 2007
Location: Iowa, how long can this be? Does it really ruin the left column spacing?
Jul 6, 2020, 09:06 AM
 
My parents' Downloads folder is basically:

Flash Installer.dmg
Flash Installer (1).dmg
Flash Installer (2).dmg
Flash Installer (3).dmg
Flash Installer (4).dmg
Flash Installer (5).dmg
Flash Installer (6).dmg
Flash Installer (7).dmg
Flash Installer (8).dmg
Flash Installer (9).dmg
Flash Installer (10).dmg
Flash Installer (11).dmg

etc.

All of them are certainly malware, but the malware creators overestimated my parents' ability to perform even the simplest tasks, like installing a program.
     
P
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Jul 6, 2020, 11:51 AM
 
Originally Posted by subego
How much Flash needs to die can’t be expressed with words.
Less than six months left now.
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
     
Thorzdad  (op)
Moderator
Join Date: Aug 2001
Location: Nobletucky
Jul 6, 2020, 01:36 PM
 
Originally Posted by P
Less than six months left now.
I saw an odd statement from Adobe a month or so back that seemed to say that everyone’s Flash player is somehow going to be bricked. Is that right?
[set curmudgeon_mode=1]
     
Waragainstsleep
Posting Junkie
Join Date: Mar 2004
Location: UK
Jul 6, 2020, 03:45 PM
 
Originally Posted by Laminar
My parents' Downloads folder is basically:

Flash Installer.dmg
Flash Installer (1).dmg
Flash Installer (2).dmg
Flash Installer (3).dmg
Flash Installer (4).dmg
Flash Installer (5).dmg
Flash Installer (6).dmg
Flash Installer (7).dmg
Flash Installer (8).dmg
Flash Installer (9).dmg
Flash Installer (10).dmg
Flash Installer (11).dmg

etc.

All of them are certainly malware, but the malware creators overestimated my parents' ability to perform even the simplest tasks, like installing a program.
I see this a lot.
I have plenty of more important things to do, if only I could bring myself to do them....
     
P
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Jul 6, 2020, 07:12 PM
 
Originally Posted by Thorzdad
I saw an odd statement from Adobe a month or so back that seemed to say that everyone’s Flash player is somehow going to be bricked. Is that right?
Adobe will stop supporting it and will stop distributing it. The various browsers will treat that in different ways. MS and Google have said that they will remove it from their browsers by that date. Firefox seems to be doing the same thing, with a tiny asterisk for the long term support versions. Apple has required explicit enabling of Flash for years - I don’t know if they have said that they will absolutely remove it by that date, but it seems highly likely.
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
     
ghporter
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Jul 11, 2020, 02:50 PM
 
Flash (or “Flash”) is only one of the typical vectors. It’s important to be VERY suspicious of anything that wants you to install it. As of my incident above, I’m going to “just say no” to anything that I didn’t specifically seek out.

But... How many people say “my Mac is always safe, so what could go wrong?” Yeah, plenty of them.

Sadly, we need to start making Mac users as suspicious as Windows users should be. Which sucks...

Glenn -----OTR/L, MOT, Tx
     
   