If you have a good reason to believe, and are able to demonstrate, that a file was mistakenly classified, please complete the following form and provide the file details.
If you believe an application, file or URL you encountered is malicious, tell us about it.
Authors: Airo Security Labs
While you mistakenly think that Mac systems are completely secure, today’s Mac threats have stepped up an extra gear. In the last couple of years alone, several new malware types appeared on the scene, specifically designed to attack Macs, leaving a large number of users vulnerable and (still) under-protected.
No matter how strong and tight your Mac security is, we are all still humans. What makes social engineering the number one, everlasting and fast-growing threat. So, if you want to keep opening your door to unwanted or unfamiliar guests, at least make yourself aware of the potential implications, and get yourself protected.
Here are Airo’s pieces of advice on how to help you become more aware of some common threats out there:
Social Engineering refers to psychological manipulation of people into performing actions or divulging confidential information.
Although there are (too) many forms and formats of social engineering that we would love to warn you about, and we will, this blog post will mention one of the most common forms: the famous tech support scams.
You may purchase a product or a software license. Upon purchase, or upon an ad you just saw, you may be asked to contact or be contacted for tech support purposes. Moments later you receive a call from someone, falsely claiming to be a certified Apple tech support agent. This person will attempt to assist you with a (non) existing Mac issue and will often time request to gain remote access to your Mac in order to better assist you with your (non) issue or request.
With remote access granted, this person can potentially copy all your files and data. While also getting paid for this (fake) “tech support,” by convincing you to spend hundreds of dollars for “fixing” software that you probably do not have, want or need.
If you’d like to add to this topic, we would love to have you as a contributor. Please send us your examples, stories and additions. We promise to give you credit (unless you want to stay anonymous).
Keystroke logging often referred to as keylogging or keyboard capturing, is the action of recording the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. Data can then be retrieved by the person operating the logging program.
A heavily analyzed subject amongst Airo researchers. And, as it turned out, very common across Mac users recently. You may encounter multiple forms of application or software offers, recommending you to install a flash player, a media player (or any other product). This will then trigger you to install an (allegedly) essential program, in order to make you enter your Mac login credentials. Once you do type those, your keystrokes will be recorded by the attackers for their own future use. Now, knowing how to log into your system, they can use it to do as they wish for a variety of actions.
Feel like you can contribute? Were you a victim of a Keylogging malware? Share your story with us! We promise to listen and if we publish, we will credit you (unless you prefer us not to).
Ransomware is a type of malicious software that threatens to publish or otherwise misuse your data by perpetually blocking your access to your Mac, browser or files until a ransom is paid. Ransomware prevents you from accessing your system or personal files and demands ransom payment in order to regain access. These days, it is common by ransomware developers to demand payment to be sent via cryptocurrency or credit card.
After years of only attacking Windows systems, ransomware has set their sights on Mac (users) as well, massively hitting Mac OS in different shapes and forms. A recent publication describes ‘KeRanger’ for example, as Mac-designed ransomware, hiding inside the transmission open source of BitTorrent client.
Feel like you can contribute? Were you a victim of ransomware? Share your story/experience with us! We promise to listen and if we publish, we will credit you (unless you prefer us not to).
Adware and Malvertising (“malicious advertising”) is the use of any online advertising format to spread malware. It typically involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and web pages.
Just surfing the web and searching for some free movies or apps? Whoops! Suddenly your browser pops a new tab, advising you that “Adobe Flash Player” needs to be updated. Or just trying to enjoy Black-Friday’s sale and searching for some nice discount coupons? One wrong click and files get downloaded automatically without your interaction or consent. These are just two examples out of hundreds (if not thousands) of Airo Labs’ findings in (just) the past months.
Malvertising is everywhere: it pops (up), toasts and appears all around. We advise you not to click on shady ads and avoid the installation of software-bundle all at once.
Are you concerned about the non-kosher ads you recently encountered on the web? Share your story/experience with us! We promise to listen and if we publish, we will credit you (unless you prefer us not to).
Zero-day is a flaw in a software (or hardware) that is unknown to the party responsible for patching or otherwise fixing the flaw. Until the vulnerability is fixed, hackers can exploit it to adversely affect computer programs, data or a network.
Recently, a newly zero-day exploit discovered in Mac OS. The exploit could potentially be launched on any Safari website and allowed a remote attacker to execute malicious code on any targeted Mac computer, Just by convincing a victim to visit any website that could (unknowingly) facilitate the exploit.
(Techie alert): These Zero-day flaws included:
In this blog post, we only scratched the surface of some potential Mac threats we see out there today. Over the past year alone, Airo Labs have registered a massive increase in Mac threats and vulnerabilities.
Stay tuned to this blog for updates on other common threats and scams designed specifically for Mac OS. And learn how to protect yourself and your Mac.
Try Airo AV and Airo Web Protection