A visit to the Apple store will give any consumer a false sense of security, you will be told that by buying a Mac you are safe from threats and malware. I have even been told this even after I explain what I do for a career. A vast majority of Mac users still believe that they are safe from the threat of malware because of this, even though the magic myth of Mac immunity has long been disproven and really exploited in the past years with such concepts of Thunderstrike and root privilege exploits. However, most of the malware that we come across for Mac has been adware. The annoying pop ups or redirects that try to get you to spend money or download shady software.
Variants of VSearch and Genieo have been on top of the list for most downloaded Mac malware. Most people’s cure for this would be to install an ad blocker such as AdBlock Plus. I can’t blame them for this as I also run an ad blocker on my personal Mac. The downfall to this is that these adware companies have figured this out and added code to their program to allow their ads even with your blocker running. This is why the Mac community needs a strong security software on their machines. Researching one of these variants, we came across code that will search for your ad blocking program, download an exception text file and insert it into the settings of your ad blocker. Here is a sample of the exception text it downloaded.
[Adblock Plus 2.0] @@||search.yahoo.com^$document @@||bing.com^$document @@||genieo.com^$document @@||strtpoint.com^$document
This code allows their ads to run and the user is none the wiser. The adware creates its own rules for your security plugin. This is just the beginning of what could be a crucial change in the malware found on Macs. Malware may only be using exploits like this for advertisements currently but what is stopping it from using this same kind of exploit to send personal data out in the future? Putting your security in the hands of a software that only protects you from one type of malware simply isn’t enough anymore. It is easy to find articles that claim Apple computers are invincible but the fact is malware for Mac is real and it is getting increasingly better at ensuring its survival.
Does this article referring AdBlock refer only to Mac?
This is very scary to know how slick these threats have become on a Mac. Thank you for this awesome article. We are not safe in the Mac world anymore The Apple time is up with these code writers wouldn’t you say? It was only a matter of time…..Protection is survival!
Now I see why I was always mildly suspicious of AdBlock. Thanks for your detail. A bow in your direction.
I love ur site a lot. we think I will visit ur site again soon.
I personally think it is a”Scare” tactic,but each to their own..
AdBlock Plus isn’t a light weight addon for firefox or chrome. I use ublock origin extension. Does adblock plus put risk also at windows os? good blog.
Adblock Plus does not put your Computer at risk, Matiru, but you are correct that uBlock origin is designed to be more lightweight.