Mughthesec malware forces Mac OS users to reinstall their OS

by Julie Splinters - - 2017-08-14

The age for Mac OS malware is coming

The image of Mughthesec malware forcing users to reinstall the OS

As surprising as it may seem, this time we are not talking about scam malware or ransomware oriented at Windows OS users. This time macOS-based malware “Mughthesec” is in the spotlight.

New riddles for Mac OS experts

Observing latest tendency on Mac OS malware, it seems that the users of this operating system can now longer feel safe browsing the Web and boast about having the immunity to viruses in contrast to Windows OS users.

Let alone Mac ransomware^[1] which is no longer a rarity, more versions of adware samples targeting this particular operating system are recorded. One of the most vicious happens to be Mughthesec. Technically, it is adware but it may cause quite bothersome outcomes.

It is suspected to be on the Net for a quite a while already. The latest version is said to fish users in poorly protected sites. Once a user clicks on a link or ad possessing Mughthesec, they unknowingly invite the threat to the systems. Luckily, moderate users contribution is still required for the malware to operate.

One of the key distinguishable traits is that it contains AV-detection features which allow it to escape the claws of cyber security tools.^[2] Furthermore, the adware happens to be one of the few malware samples which contains official Apple developer certificate. Thus, it can bypass Apple’s Gate Keeper security measures.

Luckily, more specific details about the malware have been unraveled. The infection disguises under Player.dmg. Surprisingly, the malware installs the legitimate version of Adobe Flash Player along with Advanced Mac Cleaner, the potentially unwanted application, and dubious browser extensions Safe Finder and Booking.com.

Needless to say that such combination results in disrupted browsing sessions. What is worse, the adware is likely to smuggle more PUPs and malware into the system. In contrast to adware, which is not technically difficult to eliminate, poses a real dilemma to both, security experts and affected users – at the moment, the only way to curb the infection is to reinstall the operating system.

More Mac adware surfacing

Another recent malware oriented at users of the operating system is called OSX Dok^[3] which makes crucial changes on the operating system and manages to deliver the fake versions of banking sites. Likewise, data stealing process becomes much easier.

The key factor allowing such malware sneak into the operating system seems to lie in crooks’ success to get access to certain Apple certificates. While the Apple and cyber security experts try to locate and deny the certificates of an unauthorized access, it seems that fraudsters are still one step ahead. Speaking of the prevention, the following tips seem to be the only viable way to curb Mac malware:

update the operating system
install a reliable anti-malware utility
while installing new apps, opt for “Advanced” method to identify any optional download suggestions

About the author

Julie Splinters - Anti-malware specialist

Julie Splinters is the News Editor of 2-spyware. Her bachelor was English Philology.

Contact Julie Splinters
About the company Esolutions

References

^ Arc-etienne M.léveillé . New crypto-ransomware hits macOS. WeLiveSecurity. News, views, and insight from the ESET security community.
^ Catalin Cimpanu. New Mac Adware Mughthesec Will Cause Serious Headaches. BleepingComputer. News, reviews, and tech support.
^ Dreyer Smit. New Apple macOS malware alters the operating system to subvert security measures. Neowin. IT News and Commentary.