• 12/01/2023
  • homesmartjp

McAfee: Why macOS and iOS updates should not be ignored

Apple devices are targeted too

On January 27, Apple started rolling out the latest version of iOS, "iOS 15.3". It is recommended for all users and focuses mainly on bug fixes and security updates. Apple's site describes what was fixed in iOS 15.3 (https://support.apple.com/ja-jp/HT213053); the update addresses many vulnerabilities, including ones in ColorSync, iCloud, and WebKit.

Notably, the vulnerability in which a Safari bug leaks Google account information to websites has also been fixed.

It is never impossible for bugs or mistakes in a software program to cause unexpected behavior, and cyber attackers may abuse exactly that.

Products that many people use, such as the iPhone, and products that are in the news are easy targets for cyber criminals. Apple devices have become popular in recent years, and the number of users of Apple products such as the Mac and iPad is increasing in Japan.

However, continuing to use an old OS is risky, whether on a smartphone or a PC. In some cases, its weaknesses leave you exposed to various cyber crimes. Macs were once said to be safer than Windows, and some people may still have that image. In recent years, however, malware targeting Macs has increased.

Therefore, even if you use an iPhone or Mac, it is important to check for information about your device and not to ignore an update when one is available.

Keep up with recent security information

OS and app updates often fix problems and vulnerabilities found by manufacturers and security vendors. It is important to apply them right away instead of treating them as a hassle. So what else should you keep in mind?

First, back up regularly or store your data externally so that damage can be kept to a minimum even if trouble strikes suddenly. Choose storage or a cloud service that is as reliable as possible.

Of course, installing security software on both smartphones and PCs is basic. On smartphones, it is also important to configure loss and theft protection.

Checking the latest information makes it easier to notice new threats. It may be good to get into the habit of checking sites such as the "IPA (Information-technology Promotion Agency)", which publishes important security information, and "JVN (Japan Vulnerability Notes)", a vulnerability portal site that provides vulnerability information for software and other products along with countermeasures. If a vulnerability is reported, stay alert until the update is applied.

This time, we introduce "Can Apple computers get viruses?" (Sekyu Lab)

* The following is reprinted from the McAfee blog.

Can Apple computers get viruses?: McAfee Blog

Can Apple computers get viruses?

Many users choose Mac computers for their seamless integration with other Apple devices, as well as for the Mac's clear security features. In addition, Apple notifies users of regular updates so that every generation of Apple product can run the most secure software version. Still, can Apple computers get viruses? What about the popular Mac lineup? Can Apple products be infected with viruses?

Apple has taken measures such as preventing software from being downloaded from anywhere other than Apple's official App Store, but Macs, iPhones, and iPads are not immune to all computer viruses.

What is a virus?

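A virus is a piece of malicious software that breaks into a computer system, copies itself to multiply, and then spreads to other systems. This leads to theft of personal information and financial data, file corruption, cryptojacking, and more. Read on to learn about common viruses that infect Apple devices, some known malware, and the best ways to protect your computer.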

Cookieminer

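Cookieminer is malware that steals Chrome browser authentication cookies, mainly those associated with cryptocurrency exchanges. The complex and sophisticated Cookieminer code slips past the strict security protocols of both Apple and cryptocurrency exchanges by stealing information such as passwords, usernames, and other login credential data. It can also steal backup data from iTunes accounts to open cryptocurrency wallets and steal cryptocurrencies such as Bitcoin, Ethereum, and XRP. But stealing valuable cryptocurrency is not enough for the hackers behind Cookieminer. They also use this malware to load cryptocurrency mining software onto MacBooks to mine Koto, a little-known Japanese cryptocurrency.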


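Besides a sharp drop in the balance of your crypto wallet, there are several other clues that a Mac may be infected with the Cookieminer virus. As a cryptocurrency miner, Cookieminer uses a large amount of CPU processing power, so an infected Mac takes longer to complete basic computing tasks. You may also notice that other software applications on the Mac do not work properly or stop working entirely, or that the Mac overheats.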

OSX/Dok

OSX/Dok is malware that infiltrates a Mac without the user noticing and hijacks data traffic. It reroutes this traffic through a fake proxy server to gain access to all of the user's communications. The malware is signed with a legitimate developer certificate that vouches for its trustworthiness, and it can disable Apple's security. Through OSX/Dok, hackers can also access data sent over SSL/TLS-encrypted connections, such as banking information. This malware is particularly troublesome because a user's iPhone, iPad, and MacBook are usually synchronized.

Apple revoked the developer certificate involved, which stopped the original version of OSX/Dok, but later versions have appeared using a different developer certificate. Apple devices are especially vulnerable to this malware when the user downloads a file through an email phishing scam. Once the software is installed on the computer, the damaging operation begins. In most cases, after it starts, a message appears saying that the system has detected a security issue. The malware urges the user to install an update, and everything is locked until the user enters a password and installs it. Once the password is stolen, the malware holds full administrator rights over the device.

Crossrider

Crossrider is a variant of the OSX/Shlayer malware that uses a fake Adobe Flash Player installer to plant other malicious code on Apple devices. When users receive a message telling them to update Adobe Flash Player, they unknowingly download the fake installer: following the link downloads a fake installer rather than a genuine update from the Adobe website. The fake installer's message asks for the password so that the software can change the system and install programs.

Advanced Mac Cleaner, Chumsearch Safari Extension, and MyShopcoupon+ are some of the tools installed through the fake Adobe Flash Player installer. MyShopcoupon+ and Chumsearch Safari Extension have relatively little impact on the user, but the impact of Advanced Mac Cleaner can be huge if you are not careful. Advanced Mac Cleaner runs a system security scan and makes it look as though several problems have been identified. It then asks the user to pay $107 to enable the program's cleanup function.

Microsoft Word macro virus

Macro viruses used to be a problem that only PC users faced. A macro is a piece of code that a programmer embeds in an application to automate routine tasks. A macro virus is designed to take over the application using code written in Visual Basic and to damage commonly used Microsoft Office products, such as Word, Excel, and Project, when the user opens them. Visual Basic commands in the macro may delete or damage files. When you open an infected file in Word, Word picks up the virus and propagates it to every Word document created afterwards.

Apple disabled macro support in the initial version of Office for Mac, but macros are now supported in the newer versions of both Word and Excel. However, because Apple does not allow macros to be enabled by default, Mac users are still protected from macro viruses to some extent.

Mshelper

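Mshelper is cryptocurrency mining malware that lets hackers use a computer's processing power to steal cryptocurrency. Hackers also developed this malware to display advertisements in popular browsers such as Mozilla, Chrome, and Firefox. Cybersecurity experts point out that a computer becomes infected with Mshelper when the user downloads files from a questionable source. Signs that a computer is infected with Mshelper include reduced battery life, a fast-spinning fan, overheating, and increased noise.

Because cryptocurrency mining software consumes a great deal of CPU power, it is not very difficult to find out whether a Mac is infected with Mshelper. Click the "CPU" tab in the computer's Activity Monitor. If the MacBook is infected with Mshelper, it appears at the top of the list of applications with very high CPU usage.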

OSX/MAMI

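OSX/MAMI is malware that lets hackers steal sensitive information by redirecting data traffic through malicious servers. Through OSX/MAMI, hackers hijack Domain Name System (DNS) servers and change the Mac's DNS settings. The malware lets attackers perform many harmful tasks, such as stealing login credentials, uploading and downloading files, and monitoring internet traffic.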

OSX/MAMI is rarely detected, but according to experts it is not yet widely used to target Mac users. Victims of this malware have been hit through targeted email phishing scams. A sign that a Mac is infected with OSX/MAMI is that its DNS settings have been changed. On a MacBook infected with this malware, two addresses, 82.163.143.135 and 82.163.142.137, often appear.
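The DNS-settings check described above can be scripted. This is an added example, not code from the McAfee article: the function names and the sample output are constructed here, and only the two addresses come from the text. It assumes the input is the output of the macOS commands `scutil --dns` or `networksetup -getdnsservers <service>`.

```shell
#!/bin/sh
# Added example: flag the two DNS server addresses the article names for OSX/MAMI.
MAMI_DNS_1="82.163.143.135"   # from the article text
MAMI_DNS_2="82.163.142.137"   # from the article text

# Read resolver settings on stdin and print each distinct nameserver.
# Accepts `scutil --dns` lines ("nameserver[0] : 1.2.3.4") and
# `networksetup -getdnsservers <service>` lines (one bare address per line).
extract_nameservers() {
  awk '
    /nameserver\[[0-9]+\][ \t]*:/ { print $NF; next }
    /^[ \t]*[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+[ \t]*$/ { gsub(/[ \t]/, ""); print }
  ' | sort -u
}

# Print every configured nameserver that matches a listed address.
# Returns 0 when none match, 1 when at least one does.
check_mami_dns() {
  hits=$(extract_nameservers | grep -Fx -e "$MAMI_DNS_1" -e "$MAMI_DNS_2" || true)
  [ -z "$hits" ] && return 0
  printf 'SUSPICIOUS resolver: %s\n' $hits
  return 1
}

# Constructed sample in the shape of `scutil --dns` output (not a real capture).
sample_scutil_infected() {
  cat <<'EOF'
DNS configuration

resolver #1
  nameserver[0] : 82.163.143.135
  nameserver[1] : 82.163.142.137
  if_index : 6 (en0)
  flags    : Request A records

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5
EOF
}

# Demo on the sample; on a Mac, run `scutil --dns | check_mami_dns` instead.
sample_scutil_infected | check_mami_dns || echo "Review and reset the DNS settings."
```

A match only shows that the resolver setting points at one of the listed addresses; a clean result does not rule out other changes to the system.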

Tips for protecting Mac from malware

Apple does an excellent job of protecting its products from common security threats, but capable cyber criminals can still get into Apple devices.

Here are some tips to strengthen Mac security.

 ・ Do not open spam or suspicious attachments.
 ・ Do not download suspicious files.
 ・ Install an ad-blocking application.
 ・ Create system backups frequently (Time Machine).
 ・ Install the latest operating system (OS) and application updates.
 ・ Manage your data, and install a security suite that includes antivirus software (firewall and browser destination monitoring).
 ・ If you are connected to a public network or an untrusted network, use VPN software.

Continuous protection

So, can Apple computers get viruses after all? Of course they can! Malware threats are everywhere, so consider subscribing to a comprehensive security suite. This is one of the most effective steps you can take to protect your Apple devices, financial information, and privacy while online. McAfee partners with industry, IT experts, and the user community to provide the most powerful cybersecurity solutions on the market.

Check out the latest security products.

Get the latest information

For the latest information about McAfee and about mobile security threats, follow @McAfee_Home (US) or @McAfee_JP_Sec (Japan) on Twitter and listen to the podcast Hackable.

* This article edits and introduces a popular past entry from the McAfee Blog for publication on "Sekyu Lab", the ASCII and McAfee collaboration site.