Author Topic: Malicious code at MacUpdate  (Read 982 times)

Offline kimmer

  • Administrator
  • TS Addict
  • *****
  • Posts: 9086
    • View Profile
Malicious code at MacUpdate
« on: February 12, 2018, 05:50:16 PM »
http://tidbits.com/article/17791

On Feb. 1, 2018, the MacUpdate site was hacked and a malicious code was inserted into a few updates (read article for further info). Note that the hack lies with MacUpdate, not the developers. Info on removing and such is at Malwarebytes.

https://blog.malwarebytes.com/threat-analys...macupdate-hack/

As TidBITS points out ... it’s always best to update an app from inside the app itself or via the developer’s Web site.
« Last Edit: February 12, 2018, 05:50:40 PM by kimmer »

Offline Xairbusdriver

  • Administrator
  • TS Addict
  • *****
  • Posts: 26388
  • 27" iMac (mid-17), Big Sur, Mac mini, Catalina
    • View Profile
    • Mid-South Weather
Malicious code at MacUpdate
« Reply #1 on: February 12, 2018, 05:53:43 PM »
Affirmative! Stop using all non-developer update sites.
THERE ARE TWO TYPES OF COUNTRIES
Those that use metric = #1 Measurement system
And the United States = The Banana system
CAUTION! Childhood vaccinations cause adults! :yes:

Offline jcarter

  • TS Addict
  • *****
  • Posts: 5808
    • View Profile
    • http://www.jcarter.net/ourdogs/muffinpage.html
Malicious code at MacUpdate
« Reply #2 on: February 13, 2018, 07:42:50 AM »
Got this from macupdate, obviously not, its in my trash.
Moused over the links.

Offline jchuzi

  • TS Addict
  • *****
  • Posts: 3094
    • View Profile
Malicious code at MacUpdate
« Reply #3 on: February 13, 2018, 08:50:34 AM »
QUOTE(Xairbusdriver @ Feb 12 2018, 06:53 PM) <{POST_SNAPBACK}>
Affirmative! Stop using all non-developer update sites.
Agreed, but I can't stop because I never started! That's like being advised to quit smoking for your own good. I guess I'll have to start smoking so that I can quit.  Devilish2.gif
Jon

macOS 11.7.10, iMac Retina 5K 27-inch, late 2014, 3.5 GHz Intel Core i5, 1 TB fusion drive, 16 GB RAM, Epson SureColor P700, Photoshop CC, Lightroom CC, MS Office 365

Offline Xairbusdriver

  • Administrator
  • TS Addict
  • *****
  • Posts: 26388
  • 27" iMac (mid-17), Big Sur, Mac mini, Catalina
    • View Profile
    • Mid-South Weather
Malicious code at MacUpdate
« Reply #4 on: February 13, 2018, 09:31:38 AM »
QUOTE
This is sitting in my trash
Why is it not sitting in your SpamSsieve "SPAM" box?! Or whatever app you use for training/monitoring/moving/deleting such 'messages'.

Perhaps Jane's email points out the similarities between the danger of smoke and using the web; you don't have to smoke to be harmed by others doing it. Likewise, merely using some sites means you may be targeted by SPAMmers. Get as many email addresses as possible and use them only for any new site that requires one. When, not if, you start getting SPAM to that address, close/cancel/change it.

Unfortunately, many of us used sites like c|net to download apps before the App Store existed and some devs could barely afford to buy a Mac, much less pay for a server! wink.gif Too soon, hackers saw these sites as easy access to a bigger 'market'... And some people still use these kinds of sites to download "free" or no longer supported versions of apps. "You can lead a horse to water but you can't teach him how to make lemonade!"
THERE ARE TWO TYPES OF COUNTRIES
Those that use metric = #1 Measurement system
And the United States = The Banana system
CAUTION! Childhood vaccinations cause adults! :yes:

Offline jcarter

  • TS Addict
  • *****
  • Posts: 5808
    • View Profile
    • http://www.jcarter.net/ourdogs/muffinpage.html
Malicious code at MacUpdate
« Reply #5 on: February 13, 2018, 09:44:50 AM »
This one was in my comcast spam box, but I looked at it and moved it to Trash, which I delete.

Its so important to mouse over those links!