MaMi is a DNS hijacker. While Windows users are well acquainted with different kinds of malwares, Mac owners are not. For many years Apple products were considered as virus-safe ones. Recently, the situation has changed. The thing is, MacBooks and iMacs became very popular and virus makers turned their attention to them.
What does it do to my computer?
It changes the DNS you use to enter the Web. Domain Names System is like a navigator for your computer. It names all the other computers and servers and maps the path for you. Now imagine what will happen if someone doctored your navigator and messed up your routes and destination points. You’ll get lost and won’t get anywhere.
In the computer world it means you’ll get nowhere at all as well. You won’t be able to reach any site. The DNS hijackers may look innocent enough when compared to other malwares, but they are very dangerous. They can covertly download other malwares and viruses and even turn your computer into a bot.
The first victim of MaMi malware was an unknown teacher. She had a friend ask on her behalf on a Malwarebytes forum , and was able to get some answers. Simultaneously, a cyber security expert Patrick Wardle, who happened to be researching this in his own blog for a bit, came up with a few solution tips of his own.
If your computer is infected, your DNS will change and you can identify this in the System Preference app (Network pane). What the malicious DNS can look like:
Looking into the System Preference is the only way to detect MaMi so far. It’s a fresh malware and it is not yet listed in the Virus Total. Likewise, it cannot be detected by AV softwares. The cunning malware immediately downloads a certificate to disguise itself as a properly signed app.
The cloudguard.me certificate can be found in the System Keychain:
Since there’s no AV tool to exterminate the malware, Patrick Wardle’s advice is to re-install the macOS. if you’re an advanced user you can try and reset the DNS servers according to the manual that he has posted in his blog. [https://objective-see.com/blog/blog_0x26.html]
Sure! But the protection will take time to develop. MaMi, for instance, is a very complicated malware. The DNS servers it used were the only thing that betrayed its presence. You see, these very DNS servers were used for the Windows DNS hijackers many years ago.
So someone somewhere took the time to re-invent the malware for the macOS. So, there will be more to come this way.
Video uploaded by dailytut on January 16, 2018
Thousands of Scams on WhatsApp: They Impersonate the Voices of Your Parents and Best Friends,…
Credential Stuffing: Increasingly Devastating in France This formidable technique explains the surge in cyberattacks in…
Mysterious Case: Users Report Hearing Strange Voices on Their iPhones Affected phones may have privacy…
Xiaomi Announced Poco C75 Mid-range Smartphone The Poco C75 is a newly announced mid-range smartphone…
Meta Conducts Tests to Implement Facial Recognition Technology Meta, the company behind social media platforms…
The 5 Best Apple Intelligence Features You Can Try in iOS 18.1: Experience Apple Intelligence…