Macworld UK Failed Us

An article about malware everyone can understand (hopefully)

The point of this post is explicitly explained in the title. I have read many articles on how different malware, adware, and ransomware operate, and they make sense to me. However, I do understand that for many everyday users, the technical jargon can get a little overbearing. I will try to explain common malware in layman’s terms.

 

Recently, an article was put out by Macworld, a very reputable and well-known Mac publishing company. I have read very good articles on malware from the USA version of Macworld, but the article in question comes from the UK version.

 

First, let me try to describe what malware, adware, and ransomware are. Malware is, typically, a program that is physically on your computer/hard drive. This can come in many different forms. One of the primary sources is fake Adobe Flash Player installers. Let’s say I’m navigating to a random site that I found through a search, and a flashing banner at the top of the screen tells me my Adobe Flash Player is out of date. Don’t click it. ONLY download your Adobe updates directly from Adobe’s site. Another common way to accidentally obtain malware is downloading questionable software. Quite often, when you download a random application through your web browser, you have to go through an installation process. Now if you’re like 99% of the populace, you click Next > Next > Next > Next > Yes > Install. The problem is that when you don't read some of those pages of the installer, they may be installing “bundled software,” which is when a program installer installs multiple programs to your machine, and some of those programs may be malware. See a full list of common programs bundled with malware on our website at (https://crashsecurity.com/pups). We’ll discuss some common names/forms of malware momentarily.

 

This brings me to the first issue I ran into with this Macworld article. They reference three different types of malware, all of which have been obsolete for well over five years: MacDefender, MacProtector, and MacSecurity. Now, I don't think that your knowledge of these names, as readers, is necessary, but it shows one of the many downfalls of this article. What are some main, modern-day names of malware? Genieo, Spigot, VSearch, Crossrider, to name a few.

 

So how do you know you have malware? Well, one of the first noticeable signs is typically pop-up ads. A close second symptom is slow computer performance. There is a very easy way to check: download Malwarebytes. It is a free piece of software from a very reputable company. To get the free download for your Mac, navigate to (https://www.malwarebytes.com/mac/). Once it is downloaded, install the software, and simply click ‘Scan.’ It will scan your machine and return any found malware, and it will usually also catch the programs with which it was bundled at download time (also referred to as Potentially Unwanted Programs or PUPs).

 

The second HUGE mistake by the Macworld article was explaining how to get rid of ransomware. Ransomware was introduced to the Apple community by a program called KeRanger, which infected a torrented version of a program called Transmission. What ransomware does is encrypt all of your files, then demand a “ransom” in the form of bitcoin in order to get the proper decryption key. Ransomware is very dangerous, and Macworld took a very passive look at it, stating that it is nothing to worry about, and that you cannot possibly be infected with it. What they said is simply not true. It is possible; unlikely, but still possible. That is why I use another FREE tool called RansomWhere?, created by Patrick Wardle, the Director of Research & Development with Synack. The tool will run all of the time, and it will keep track of whether something is trying to encrypt your files. At that point, you can then Allow that process to run or Terminate it. If you recently opened a shady attachment from an email, it may be in your best interest to Terminate that running process attempting to encrypt your files. That program can be downloaded at Objective-See’s website (https://objective-see.com/products.html).
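
For readers who want to see the idea in code, here is an added illustration (it is not part of the original article and is not RansomWhere?'s own code) of one heuristic a monitor of this kind can use: encrypted data looks random, so a process that suddenly writes several random-looking files is worth asking the user about. The threshold, the burst count, the process names and the sample data are all assumptions made up for the example.

```python
import math
import os
from collections import Counter

ENTROPY_THRESHOLD = 7.5  # bits per byte; assumed cut-off for "looks encrypted"

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for constant data, close to 8.0 for random-looking data."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def looks_encrypted(data: bytes) -> bool:
    return shannon_entropy(data) >= ENTROPY_THRESHOLD

def suspicious_processes(events, burst=3):
    """events: (process_name, bytes_written) pairs, one per file written.

    One random-looking file is normal (zip archives and photos look random
    too), so a process is reported only after `burst` such files. That
    ambiguity is why a monitor asks the user to Allow or Terminate.
    """
    hits = Counter(proc for proc, data in events if looks_encrypted(data))
    return sorted(proc for proc, n in hits.items() if n >= burst)

# Constructed sample data; process names are made up for the example.
NOTE = b"Meeting notes: back up the photo library before Friday.\n" * 60
SAMPLE_EVENTS = [
    ("TextEdit", NOTE),                      # ordinary document
    ("Archive Utility", os.urandom(4096)),   # stands in for one compressed file
    ("unknown_helper", os.urandom(4096)),    # stands in for encrypted output
    ("unknown_helper", os.urandom(4096)),
    ("unknown_helper", os.urandom(4096)),
]

if __name__ == "__main__":
    for proc, data in SAMPLE_EVENTS:
        print(f"{proc:16} {shannon_entropy(data):.2f} bits/byte")
    print("ask the user about:", suspicious_processes(SAMPLE_EVENTS))
```

Lowering `burst` to 1 also reports the archive tool, which shows why a single random-looking file is not enough to call something ransomware.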

 

One of the best things you can do to avoid malware is to use your discretion at all times when using your computer. Using a computer shouldn’t be stressful, but if you see a suspicious email, or a random email with an attachment, don’t automatically open it. Double-check your installers, and be certain they are installing only what you want them to install. Lastly, if you’re leery, email me!

 

I am happy to answer any questions you may have on malware or ransomware. However, if you do find yourself infected with malware or ransomware, it would be wise to get your machine inspected by someone who has seen it many times. Feel free to contact me through our contact page (https://crashsecurity.com/contact), or contact the Corvallis Simply Mac store at (541) 754-0811.

 

Feel free to email me directly at stuart@crashsecurity.com with any questions!