Mac Malware

There have been several articles recently about a type of malware on the Mac that apparently has been around for some time. Here is one article describing the malware, titled by some as FruitFly. Another article I read said that Apple has released an update to prevent future infections.

Malwarebytes anti-malware for the Mac  (here) will detect and presumably remove the malware. A 'techy' article for the nerdy can be read here. Although there have been no reports of damage done by this malware, you could scan your Mac with Malwarebytes to see if you've been infected.

Jim Hamm

Remotely Infected With Firmware Malware? What!

        Of course, we're keeping up with the latest.  So, take a look at this!          Jim Hamm writes, "While it's not encouraging to read the following article, it just shows that any electronic device can be hacked. The article points out one scenario I hadn't thought of: if one were to buy a Mac, say, from eBay or someone you don't know, it could be loaded with malware.
        "Now this isn't something I'm going to lose sleep over, just something to be aware of and use discretion when clicking a picture or link you're not sure of." And here's that link.

How to Remove Malware & Adware From Your Mac

        From the How-To Geek website Jim Hamm finds some helpful info on viruses, worms, and Trojans, along with adware, crapware, and spyware programs.  The writer outlines the problems and the possibilities.  He also warns, “Don’t have the Java plug-in enabled, either . . . “ This article was published 7-25-15.

Malware / Adware / Crapware

        With the bold statement, "Mac OS X isn't safe anymore" this article dated 2-26-15 has 16 pages of details and pictures.’t-safe-anymore-the-crapware-malware-epidemic-has-begun/  
        Your personal information, bank and credit card numbers, where you are and what you're doing is open to view.  How did this happen?  What can I do?  What downloads are safe? 
        This article has 37 replies posted which gives you an idea of what others are thinking about the troubles that many have not considered. This website also has sections on Windows, Linux, Office, Apple, Mobile, Gadgets, and more.  

YouTube Malware

        Alert and aware! Keep reading . . . 
        "I occasionally will watch a video on YouTube, as you probably do too," says Jim Hamm.   "One thing to be aware of when watching YouTube (or visiting any website, for that matter) is the possibility of getting malware on your computer. Here is an article that gives some tips on avoiding malware on YouTube and websites in general.

        "One item of particular interest, and one which I hadn't heard of previously, is a program called 'Tubrosa.' Take a read on what this program does. The hackers are quite creative, it seems. To my way of thinking, 'Tubrosa' is malware."
        And there's more to know.  Jim Hamm goes on, "Here is another link with 7 common sense tips on avoiding malware. 
        "Also, if I get an email from someone I know and trust, and it has a link in it with no words of description of why my friend is sending this to me, I don't open it. Why? Occasionally an email address will get hijacked and the hacker will start sending out links for people to click and get a virus or other malware -- and they never offer any comments on why the email was sent out."  So, thanks again to Jim for notifying us.  

Being Careful to Avoid Viruses

        John Carter knows what he's talking about.  He writes, "In my experience, there are NO Mac viruses that Apple hasn’t taken care of, and that the only threats found anywhere are in some email message or in an application that is not blessed by Apple; in the latter case, it won’t be found in the App Store.

        "If you have downloaded and installed an app from the Internet, such as Firefox or Chrome, that app may contain something that Sophos doesn’t like the looks of and declare it as suspicious or a threat. However, if you get the app from the source (e.g., Mozilla or Google), then you should not have any problems with that app. However, avoid links that claim to be the source or that offers extra features."
        And John goes into detail in a report to be posted at the Prescott Mac User Group's website, so you'll learn more about Sophos ( and how to use it. 

Learn Via Video, etc.

        Helpful PMUG leader John Carter scores big with this link,  and you'll want to take a look at this website.  Turns out they have more than 900 FREE video tutorials on how to use your Mac, iPad, iPhone and other Apple Technology.  
        And here's some very welcome news: They never sell, rent or share your email address.  Read details at Policies. 
       No, we're not listing all 900 of their video tutorials.  But look at some of these other helpful categories.  

Here's another list of pages you'll want to check out. 
And this concludes the August PMUG meeting handout that's not getting handed out tomorrow, August 16; it's just posted here for your convenience.  Thanks again to John Carter who keeps an eye out for useful info for us.  
by Elaine Hardt. 

Some Specific Malware Emails

        "Of course you already know not to click suspicious emails so you don't end up with a virus or some other malware. Following are some examples that Greg, a blogger I follow, wrote and shows some of the suspicious emails he and his wife have been recently receiving. As he says, just be careful."  And thanks to Jim Hamm for this new alert. 

        Just a warning . . .I’ve been getting a lot of dangerous emails and I wanted to be sure that everyone was on the lookout for them.  They masquerade as Wal-Mart Gift Cards, Chili’s Coupons, or Red Lobster, etc. or even Free iPhones.  Because the fact that there’s usually something funny about the wording or phrasing of the message, the biggest giveaway is the email address shown at the upper left.   In this case, it’s ‘’.     Do you really think that Wal-Mart is going to have an email address with ‘pigduke’ in it?  (Click to enlarge these screen shots, then click the PMUG newsletter tab to revert back.) 
Walmart Trojan
Here’s the exact same email, but from ‘'
Walmart Trojan2
And here’s what looks like a Delivery Notice from the US Post Office. Do you really thing the US Postal Service would be using a United Kingdom email address?
USPS Trojan
What do you think is going to happen if you try to print that shipping label? And why would you need to print a shipping label to PICK UP a package, anyway?   And note that apparently you can go to ANY Post Office to pick up your package.   So check those email addresses, and Let’s Be Careful Out There.

Security Precautions for Protection

        "If you should decide to use two-step verification as a further protection from ransomware and other malware, here is an article with details on how to go about setting this up," writes Jim Hamm.  
        And John Carter sends this advice:  "If you get a notice from USPS to click on a button to open a shipping label to print, don’t.  Any email is safe to open. Just don’t click on anything unless you have verified what you are clicking on." 

Macs Are Safer

        David Passell starts off his New Year with, "Here is an article that should make Mac users happy or unhappy depending on which OS they are running:).  
        Some controversial comments provide food for thought. One person said, “A 10 year old Mac should be safer than the latest Windows 8 with all securty patches, the best anti-virus and malware fighter installed.” 

        Another informs, “the main vulnerability on Mac is the user. . . “

Malware Warning

        "This is a bit disconcerting, to say the least," Jim Hamm exclaims.  See this article: Chinese appliances are shipping with malware-distributing WiFi chips | Apps and Software!
        Today, Jim can't resist passing along this following statement,  "With all the blogging and newspaper articles on NSA's spying, and now China putting malware on items they ship to us, I thought this, unfortunately, has a bit of the ring of truth in it."

        "Please speak clearly into the lampshade on the table. The NSA agent will be with you shortly."