So much for the days of no Mac Malware
-
Last week, I participated in the ancient Thanksgiving rites of being asked to check out my parents' computer. It was an old-ish Macbook Air. They're asking why the homepage changed from Apple's website to a blank tab. I notice that this thing called Mackeeper was installed. Smells like malware to me, telling you your computer has viruses and telling you to pay to get it cleaned. Started googling on my phone, sure sounds like malware, though not one of the really tough to uninstall types. And of course, they have no idea where it came from, how it got installed, etc.
Feels like the days of being able to give your non-techy friends and relatives Macs and be sure they'd never be able to get them completely screwed up with malware are over. I can only guess when all of the family Macs will spawn 50 porn ad popups every time you click on something.
-
@undergroundcode said in So much for the days of no Mac Malware:
Feels like the days of being able to give your non-techy friends and relatives Macs and be sure they'd never be able to get them completely screwed up with malware are over.
Norton and McAfee coming to screw Macs in 3,2,1...
-
@undergroundcode said in So much for the days of no Mac Malware:
And of course, they have no idea where it came from, how it got installed, etc.
It likely came from a browser popup that said they were infected with malware but luckily they can get rid of it with this wonderful program
-
@hungrier said in So much for the days of no Mac Malware:
@undergroundcode said in So much for the days of no Mac Malware:
And of course, they have no idea where it came from, how it got installed, etc.
It likely came from a browser popup that said they were infected with malware but luckily they can get rid of it with this wonderful program
Probably so. I had to have the little talk where anything that pops up and claims you have a virus is itself a virus, and don't click on or install anything from it.
-
@undergroundcode said in So much for the days of no Mac Malware:
Mackeeper
I think that's a fairly well known bit of low level malware. Been around for years
-
@undergroundcode said in So much for the days of no Mac Malware:
And of course, they have no idea where it came from, how it got installed, etc.
I think this is the most aggravating thing about being asked for help with computer issues. And of course, since they don't know what it was that caused it (despite any warnings you give them about what not to do), they never learn to stop doing it.
-
@undergroundcode said in So much for the days of no Mac Malware:
@hungrier said in So much for the days of no Mac Malware:
@undergroundcode said in So much for the days of no Mac Malware:
And of course, they have no idea where it came from, how it got installed, etc.
It likely came from a browser popup that said they were infected with malware but luckily they can get rid of it with this wonderful program
Probably so. I had to have the little talk where anything that pops up and claims you have a virus is itself a virus, and don't click on or install anything from it.
You need to record that and have it popup everytime they login. Might be effective...
-
@dcon said in So much for the days of no Mac Malware:
You need to record that and have it popup everytime they login. Might be effective...
Nah, they'll just click OK and ignore it.
-
@undergroundcode said in So much for the days of no Mac Malware:
I notice that this thing called Mackeeper was installed. Smells like malware to me
It is, and that’s been known for a fair while. Yet still you get forum threads along the lines of “Should I install MacKeeper?"
Feels like the days of being able to give your non-techy friends and relatives Macs and be sure they'd never be able to get them completely screwed up with malware are over.
Yes and no. All macOS malware I can recall offhand either requires you to enter the name and password of an administrator user, or will only affect the current user, not the whole machine. You can still run a Mac perfectly well without a virus scanner, but good luck finding software that protects users from installing something they don’t know if they really choose to anyway — even if Gatekeeper does try to do just that.
-
@gurth said in So much for the days of no Mac Malware:
requires you to enter the name and password of an administrator user
Or root without any password
-
@gurth Haven't studied up on the nastiest Mac malware around, but that does make me think of
-
@undergroundcode Interestingly, Microsoft services only store the login data for most of those things if you tell them to.
My bank and paypal would not let people access them directly, nor would they be able to buy anything on the windows store.
But they would have my email, and so sooner or later they could get into paypal, but still not my bank.
-
@magus I suppose all of those things would vary widely depending on what kind of passwords you used. I think I have paypal one-click set up on my home PC, so you'd get into that with nothing special. Depending on exactly what that does, which I don't remember. I use LastPass for my bank password, which isn't left logged in, so you'd be boned there. How many people use the default web browser password storage with no security though?
Banks, though, seem to have much better security than most people give them credit for, at least tech nerds. Their password lengths and policies aren't great, but they will actually raise red flags and gate things if you try to do something very unusual, like transfer your whole balance to a foreign account when you've never dealt with that country before.
-
@undergroundcode said in So much for the days of no Mac Malware:
I use LastPass for my bank password, which isn't left logged in, so you'd be boned there. How many people use the default web browser password storage with no security though?
I just remember that one.
-
@undergroundcode said in So much for the days of no Mac Malware:
How many people use the default web browser password storage with no security though?
At least I lock the computer whenever I leave... And I don't let it store some - like my bank. Amazon on the other hand...
-
@undergroundcode said in So much for the days of no Mac Malware:
Banks, though, seem to have much better security than most people give them credit for, at least tech nerds. Their password lengths and policies aren't great, but they will actually raise red flags and gate things if you try to do something very unusual, like transfer your whole balance to a foreign account when you've never dealt with that country before.
Banks mostly work with after-the-fact security; they have a good idea of when fraudsters have really gotten away with it, and when the transactions are all still able to be undone…
-
@dkf Pretty much that happened to me last year: somebody tried to max out my credit card, which raised flags at the bank, who phoned me at something like 9 o’clock at night to ask if I had really made that transaction. When I said I was sure I hadn't, it got blocked immediately and I received a new credit card in the mail a few days later.
-
@undergroundcode said in So much for the days of no Mac Malware:
@magus I suppose all of those things would vary widely depending on what kind of passwords you used. I think I have paypal one-click set up on my home PC, so you'd get into that with nothing special.
PayPal and my brokerage account are the two things I have specifically set to never save passwords, specifically to avoid screwups like this.