SecurityCoinThief is a trojan horse that steals Bitcoins.
MacScan can detect and remove CoinThief Trojan Horse from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.
March 6, 2021 • 1 min read
Securityalso known as OSX/ClickAgent.FLA
Type:
Adware
Platform:
Mac OS X
Last updated:
02/09/16 9:14 pm
Threat Level:
High
Description
ClickAgent is adware. It masquerades as a Flash Player installer and may be found on various websites, especially filesharing and adult websites.
When ClickAgent was discovered in August 2013, it had been signed with an actual Apple Developer ID. If a user installs it, it will be added as an extension to their web browser — Safari, Chrome, or Firefox — and begin injecting ads into any website that the user visits. Some of these ads may be inappropriate or pornographic in …
March 6, 2021 • 2 min read
SecurityType:
Adware
Platform:
Mac OS X
Last updated:
02/09/16 9:14 pm
Threat Level:
High
Description
ChatZum is adware. It most often makes its way onto a Mac during the installation of another, legitimate program such as VLC or UnRarX. Although these applications in themselves are not malicious, and are not affiliated with the malware’s authors, the installer packages that bundle them together with the ChatZum adware are. Users are given the option to opt out of installing ChatZum by the installer program; however, ChatZum components are nevertheless installed on their computers even if they opt out.
Once installed on a …
March 6, 2021 • 1 min read
SecurityType:
Trojan Horse
Platform:
Mac OS X
Last updated:
04/02/16 10:02 am
Threat Level:
High
Description
CallMe is a Trojan horse that targets Tibetan activist organizations. The Trojan infects its target through a malicious Microsoft Word (.doc) file, exploiting an older Word vulnerability cataloged as CVE-2009-0563.
Once active, CallMe is able to run commands on the infected system; however, it only takes a limited number of actions using these permissions. The Trojan attempts to connect to a command and control server; creates a copy of the user’s contact list for the malware authors to access remotely; and establishes a …
March 6, 2021 • 2 min read
SecurityBundlore is adware.
MacScan can detect and remove Bundlore Adware from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.
March 6, 2021 • 1 min read
SecurityType:
Trojan Horse
Platform:
Mac OS X
Last updated:
04/02/16 7:14 am
Threat Level:
High
Description
BlackHoleRAT is a Trojan horse that allows remote access by malicious third parties to an infected computer. Early versions of the Trojan were relatively unsophisticated and seemed to be intended as proof of concept, but subsequent, better-developed variants were soon discovered — and these were being offered for distribution.
BlackHoleRat is able to carry out a range of malicious actions on an infected machine, including the following: It can request an administrator password and store it to a file, execute shell scripts, turn the …
March 6, 2021 • 1 min read
SecurityType:
Keylogger
Platform:
Mac OS X
Last updated:
02/09/16 9:14 pm
Threat Level:
High
Description
BackTrack is a keylogger. It is marketed as a data recovery tool designed to help users in the event of an application crash, but like all keystroke logging software, it can also be used to record the activity of any user working on the computer on which it is installed.
BackTrack captures all keystrokes — with the exception of passwords — and saves them in an SQLite database file along with relevant metadata. In addition to what was typed, the program also records the application …
March 6, 2021 • 2 min read
SecurityBPK is a keylogger.
MacScan can detect and remove BPK Keylogger from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.
March 6, 2021 • 1 min read
SecurityType:
Keylogger
Platform:
Mac OS X
Last updated:
02/09/16 9:14 pm
Threat Level:
High
Description
Award is a keylogger. Like all keyloggers, it can be used to monitor the activity of any system on which it is installed.
Award allows the administrator to monitor keystrokes, clipboard content, and app usage. The keylogger can also take screenshots, either at set intervals or whenever a specific event (like a mouse click) occurs. Data is collected into log files which are then delivered via email to whoever controls the software.
Unlike other, more fully-featured keyloggers and spyware, Award does not permit the monitoring of …
March 6, 2021 • 2 min read
SecurityType:
Adware
Platform:
Mac OS X
Last updated:
02/09/16 9:14 pm
Threat Level:
High
Description
AskToolbar is adware, though it is sometimes classified as a Potentially Unwanted Program as well. AskToolbar is typically bundled with other software as an add-on during the installation process (this is very common, for example, during the installation of Oracle’s Java). The installer program for the primary application gives users the option to add the Ask toolbar and make Ask their primary search engine. This option is often pre-selected by default. AskToolbar is then installed as a browser extension on the user’s system, and …
March 6, 2021 • 1 min read
Securityalso known as OSX/ARDScript.A, OSX/Hovdy.A
Type:
Trojan Horse
Platform:
Mac OS X
Last updated:
02/09/16 9:14 pm
Threat Level:
High
Description
AppleScriptTHT is a trojan horse. First spotted in the wild in 2008, the malware was discovered when it was offered for distribution on a hacker website, with site forum members discussing possible delivery vectors which included the messaging app iChat and the filesharing service LimeWire.
In order to become infected, a user must first download and launch AppleScriptTHT. Once installed, the Trojan exploits a vulnerability in the Apple Remote Desktop Agent in order to gain administrative privileges on the infected …
March 6, 2021 • 2 min read
Securityalso known as OSX/ABK
Type:
Keylogger
Platform:
Mac OS X
Last updated:
02/04/20 9:53 am
Threat Level:
High
Description
Aobo is a keylogger marketed as a child and employee monitoring tool, but like all keystroke logging software, it can be used to monitor the activities of any computer on which it is installed.
Formerly offered by Awosoft Co., Ltd., and related to the Amac and EaseMon keyloggers, Aobo has both Standard and Professional editions. Aobo is designed to run silently in the background on a host computer, and can only be accessed using a special hotkey set up by the person …
March 6, 2021 • 2 min read
SecurityType:
Keylogger
Platform:
Mac OS X
Last updated:
02/09/16 9:14 pm
Threat Level:
High
Description
AnyKL is a keylogger. Like all forms of keystroke logging software, AnyKL can record the activity of all users of the computer on which it is installed.
AnyKL records keystrokes entered on the system as well as information about which application was being used at the time. The Professional Edition of AnyKL also supports password capture. In addition to logging keystrokes, the app takes system screenshots, records user web activity, and tracks program launches and app installations. AnyKL covertly transmits all logs to an email …
March 6, 2021 • 1 min read
Securityalso known as OSX/AMK.A, OSX/AMK.B, OSX/AMK.C
Type:
Keylogger
Platform:
Mac OS X
Last updated:
03/02/19 12:34 am
Threat Level:
High
Description
Amac is a keylogger marketed as a monitoring tool for employers, parents, and schools. However, like all keystroke logging software, it can be used to record the activity of any computer on which it is installed.
Formerly offered by Amac Software Co., Ltd., and related to the Aobo and EaseMon keyloggers, Amac is designed to run undetected in the background of the Mac on which it is installed, without any telltale icons or folders visible to the user. The software …
March 6, 2021 • 2 min read
SecurityType:
Hybrid Threat
Platform:
Mac OS X
Last updated:
02/09/16 9:14 pm
Threat Level:
High
Description
AgentBob is a hybrid keylogger and screen recorder program. It is sometimes presented as a parental monitoring tool, but like all software with keystroke logging and screen recording capabilities, it can be used to monitor the activity of any user of the computer on which it is installed.
AgentBob is designed to covertly record all keystrokes and save the data in text files, though it is unable, in most cases, to record text entered in password fields. AgentBob also takes screenshots of the system …
March 6, 2021 • 2 min read
SecurityType:
Keylogger
Platform:
Mac OS X
Last updated:
02/09/16 9:14 pm
Threat Level:
High
Description
AceSpy is a keylogger marketed as a parental monitoring tool, but like all keystroke logging software, it can be used to monitor the activities of any computer on which it is installed.
Designed to run undetected on the host computer, AceSpy creates detailed records of the system’s activities and forwards them to an email address controlled by whoever installed the program. In addition to logging keystrokes, AceSpy records web and search activity, email conversations, and social media interactions; it is also able to take screenshots …
March 6, 2021 • 2 min read
SecurityApple has three great checklists that we’re featuring on this week’s eposide: If you want to see if anyone else has access to your device or accounts, If you want to stop sharing with someone whom you previously shared with, and If you want to make sure no one else can see your location.
March 4, 2021 • 8 min read
SecuritySilver Sparrow is malware.
MacScan can detect and remove Silver Sparrow malware from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.
March 2, 2021 • 1 min read
SecurityHoverwatch is a keylogger.
MacScan can detect and remove the Hoverwatch keylogger from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.
March 1, 2021 • 1 min read
SecurityThis week on the Checklist, security researcher Patrick Wardle joins us to discuss the new Silver Sparrow malware variant.
February 25, 2021 • 6 min read