Security News > 2020 > June > Bundlore adware brings a new nest of risks to Mac users

Bundlore adware brings a new nest of risks to Mac users
2020-06-18 18:52

Even Apple itself came to the anti-virus party back in 2009 when it introduced a rudimentary malware blocking tool called XProtect right into into OS X. Whether you called it malware or not, there have long been "Software actors" out there ready to go after Mac users in the same way that they've been going after Windows users for years.

SophosLabs has just published a fascinating new report about an adware threat known as Bundlore that has Mac users very clearly in its sights.

Bundlore itself isn't new - Sophos products have been detecting an adware family by that name on both Windows and Mac since about 2015 - but the operators behind it are certainly keeping up with the times.

As you can see, the Mac version of the Bundlore installer, which arrives as a Mac DMG file and presents itself an app called WebTools, goes through a legitimate-looking licence acceptance process.

Notably, recent versions of Bundlore for Mac simultaneously support both older and newer versions of Safari on the Mac, including browser plugins that work across all recent versions of macOS. Remember that browser plugins work right inside the browser itself, so they get to see web requests before they go out, and web replies before they are processed for display.


News URL

https://nakedsecurity.sophos.com/2020/06/18/bundlore-adware-brings-a-new-nest-of-risks-to-mac-users/