From time to time, we find ourselves standing square in the midst of a new form of OS X- or iOS-based malware. And while such threats are usually identified and dealt with in a timely manner on Apple’s end, a previously unidentified piece of malware that we’re just being informed of this morning poses an overwhelming threat to the technologically challenged among us.
Thomas Reed, lead researcher at cybersecurity firm Malwarebytes, is credited with originally discovering the malware, which he indicated had first crossed his path in the form of a pop-up scam originating from an advanced Mac software cleaner website.
The malware, according to Reed, relies on a rather simple, yet deceptive process by which a user is lured into downloading the “Advanced Mac Cleaner” utility from the aforementioned website. However, downloading the utility, in and of itself, isn’t the sole means by which the malware takes hold. When it’s first downloaded, Advanced Mac Cleaner also downloads a secondary app, Mac File Opener, which is the primary culprit here.
“Even more intriguing,” said Reed of the malware. “This app didn’t have any apparent mechanism for being launched. It hadn’t been added to my login items. There wasn’t a new launch agent or daemon designed to load it. It simply seemed to be sitting there, doing nothing.”
Intrigued by his findings, Reed dug deeper into the Mac File Opener program and ultimately discovered a file hidden within the app itself that listed over 232 file types that Mac File Opener is capable of opening.
The deceptive aspect of the program is that, even if none of your current OS X apps are capable of running it, you’ll still be presented with a real-looking, though fake, version of the standard OS X dialog box, which will likely indicate that there’s no app available to complete your download as specified.
It’s this fake dialog box, according to Reed, that links to the “macfileopener[dot]com” website, a domain where a plethora of seemingly ‘Mac-friendly’ apps, such as Mac Adware Remover and Mac Space Reviver, can be downloaded for free, all without any warning of malicious intent, since they are well-known Mac app titles.
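For anyone who wants to check their own machines for apps that register themselves for an unusually long list of file types, here is an added example (not from Reed's analysis or the original article). It assumes the file Reed describes is the bundle's `Info.plist`, the standard place macOS apps declare document types under `CFBundleDocumentTypes`; the threshold, bundle names and sample data are constructed for illustration.

```python
import plistlib
import xml.parsers.expat

THRESHOLD = 100  # assumed cut-off for "claims too many types"; tune per fleet
CATCH_ALL = {"ext:*", "uti:public.data", "uti:public.item"}  # handlers for "anything"

def declared_types(info_plist_bytes):
    """Extensions and UTIs that an Info.plist registers the app to open."""
    info = plistlib.loads(info_plist_bytes)
    claimed = set()
    if not isinstance(info, dict):
        return claimed
    for doc in info.get("CFBundleDocumentTypes", []):
        if not isinstance(doc, dict):
            continue
        claimed.update("ext:" + e.lower() for e in doc.get("CFBundleTypeExtensions", []))
        claimed.update("uti:" + u.lower() for u in doc.get("LSItemContentTypes", []))
    return claimed

def audit(apps, threshold=THRESHOLD):
    """apps: {bundle name: Info.plist bytes} -> {name: reason} for bundles worth review."""
    findings = {}
    for name, raw in apps.items():
        try:
            claimed = declared_types(raw)
        except (plistlib.InvalidFileException, xml.parsers.expat.ExpatError, ValueError):
            findings[name] = "unparseable Info.plist"
            continue
        if claimed & CATCH_ALL:
            findings[name] = "claims a catch-all type"
        elif len(claimed) >= threshold:
            findings[name] = f"claims {len(claimed)} file types"
    return findings

def constructed_samples():
    """Constructed Info.plist data; bundle names and extensions are made up."""
    def plist(exts):
        return plistlib.dumps({"CFBundleDocumentTypes": [{"CFBundleTypeExtensions": exts}]})
    return {
        "ExampleEditor.app": plist(["txt", "md", "rtf"]),
        "ExampleOpener.app": plist([f"x{i:03d}" for i in range(232)]),
        "ExampleViewer.app": plist(["*"]),
        "Broken.app": b"not a plist",
    }

if __name__ == "__main__":
    for name, reason in audit(constructed_samples()).items():
        print(f"{name}: {reason}")
```

On a real Mac, the input would be the bytes of each `Contents/Info.plist` under `/Applications`; a long type list is a reason to look closer, not proof of malice, since legitimate archive tools and editors also claim many types.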
Malware on OS X is about as rare as Tapatio on a peanut butter sandwich these days, particularly because even when it does arise, Apple is usually quick to smother the flames. However, this new ‘Mac File Opener’ malware defies the conventional protocols of even the most sly, modern-day scammers. So it may be worth informing your more technologically challenged friends about how they should never download apps from anywhere other than the official Apple App Store, just in case, right?
Have you been infected by the Mac File Opener Malware? Let us know in the comments.