The long journey to USB-C on the iPhone seemed to end with the iPhone 15 all but confirmed to have the charging port installed. Apple has resisted the request for USB-C on the iPhone, often citing that it would affect the integrity and performance of its device. With new laws passed in the EU, Apple can no longer ignore USB-C, but that doesn’t mean they’re going down easily. exact reports have surfaced that Apple may slap MFi certification on USB-C cables used with iPhones and iPad.

Estimated reading time: 2 minutes

MFi certification is an Apple program that they put in place to “vet” the accessories used with their devices. Power accessories used with the MFi certification blessing tend to cost much more than those without the Fruit Blessing. Here, you can read more about the program in a piece we wrote in early 2018.

According to GizmoChina, the technical staff at FiiO (an audio and accessory maker) has confirmed that the latest iOS version has encrypted the USB-C port of their devices, which has caused restrictions on non-certified accessories.

According to NotebookCheck, a Weibo account known for leaking Apple news says, Apple will implement the MFi requirement by installing custom “lightning interface” integrated circuits into new iPhones in the future. None of this is confirmed, but Apple rumors tend to see the light of day eventually, and it will be a frustrating turn of events if true. We’ll know more once the new iPhone 15 is announced; I’m sure Apple will address the move to USB-C in its Keynote.

What do you think of the possibility of MFi certification being used on USB-C cables for Apple devices? Please share your thoughts on any of the social media pages listed below. You can also comment on our MeWe page by joining the MeWe social network. Be sure to subscribe to our RUMBLE channel as well!

While the dream of having one perfect web browser to use on your Mac sounds nice, for most of us, it isn’t reality. Different browsers have different strengths and weaknesses, especially when it comes to work, so we need to jump between apps like Safari and Chrome all day. The problem is, we’re only allowed one default browser, which means every link you click opens your designated choice. It shouldn’t be this way. And now, it doesn’t have to be.

I deal with multiple browsers every day. For general use, I like Safari, because it’s relatively secure and it obviously integrates well with the Apple ecosystem. However, I keep Chrome on my Mac, too, for any Google-related tasks, especially Google Meet video calls. The problem is, if I click on a Google Meet invite link, it’ll open in Safari, so I have to remember to copy the link and paste it in Chrome every time I want to use it.

You might do the same. You might even use more browsers. Firefox, Edge, DuckDuckGo, etc., all have their pros and cons, and perhaps you have different use cases for each. If you ever need to use more than one browser on your Mac, you need to try Velja, a utility that lets you control which links open in which browsers.

Velja isn’t your average Mac utility. In fact, it’s actually, technically, your new web browser. The app doesn’t have the user browser interface, or the ability to search the web by itself anyway. But it tricks macOS into thinking it’s the default web browser, which allows it to select other web browsers to open when you click a link.

When you obtain Velja, you’ll need to grant it access to your system’s Applications folder. No worries if you don’t know where that is: The app walks you through setup quite easily. It just warns you not to change this folder in the future, or else it won’t work anymore.

Once Velja is up and running, things might seem the same at first. It defaults to your current default browser for any new links you click. So, if you normally have Safari as your default browser, links will still open in Safari. If it’s Chrome, links will open in Chrome. You get the picture.

However, hold down the Fn key on your Mac before clicking the link, and a new pop-up will appear, featuring every browser currently installed on your machine. For me, that’s eight different options (is that too many?). Now, select the browser you want the link to open in, or hit the corresponding number key to open it quicker.

There’s a lot of customization offered here, too. Dive into Velja’s settings, and you’ll find options for picking a default browser, making Fn open a separate browser rather than the browser prompt, choosing the browsers that appear in the prompt and their order, changing the menu bar icon, and choose to launch Velja at login, so you’re ready to go the next time you reboot your Mac.

However, where the customization gets really useful is the Rules tab. Here, you can create custom situations for specific apps and links. For example, the most useful one to me is a rule that opens all Slack links in my work Chrome profile. Before Velja, I’d click a link, and it’d open in my personal Chrome profile, or in Safari, and I wouldn’t have access to the link. You might go through a similar song and dance if you work on a personal computer, too.

To set up this rule, go to Browser profiles from the Browsers tab, then choose “Access Granted” to grant access to the Application Support folder. Now, go to Rules, create a new rule and name it (e.g., “Work Slack”). Then, choose the specific browser profile you want links to open in; click the (+) next to “Source Apps” and choose Slack, then click “Save.” Head back to Slack, click a link, then follow the on-screen instructions: You’ll need to copy the “open.sh” file it opens and paste it into the other folder it opens for you. Don’t drag and drop, since it needs to live in both folders.

Now, all Slack links will open in your chosen Chrome profile, while links outside the app route to your default browser. Genius.

Velja can be as simple or as complex as you want it to be, but if you use more than one browser on your Mac, I highly recommend you download it for free from the Mac App Store.

• The right computer hardware certification can help you score one of thousands of potential IT jobs.
• Computer hardware certifications that focus on a specific brand or industry will help you advance in those ecosystems.
• Computer hardware certifications that focus on neutral equipment or tools will deliver you the possibility of working for a variety of small and big businesses.
• This article is for job seekers interested in the IT industry and computer hardware certifications. 

With a significant increase in remote and computer-based work in exact years, the need for businesses and individuals to maintain computer performance is key. While software work and coding are usually at the center of the conversation when it comes to potential computer-related jobs, becoming a computer technician is a great point of entry into the IT field. Breaking into this industry is easier for those who obtain computer hardware certifications. These certifications can help demonstrate your knowledge and competency in maintaining computers, mobile devices, printers and more. 

Best computer hardware certifications

As you can imagine, there’s a wide variety of computer hardware certifications available, so finding the best option can be overwhelming. We did a little digging and put together some of our favorite certifications for an easy way to begin your research. Below, you’ll find our picks for the top computer hardware certifications to help get your IT career off the ground. The list is in alphabetical order.

Apple Certified Support Professional

Given the popularity of Apple products and platforms, and the widespread use of Macintosh computers in homes and businesses of all sizes, there’s demand galore for Mac-savvy computer technicians.

As Apple products are dynamic and expand the Apple ecosystem, the company’s certification program has changed to stay up to date. The latest Apple certification available to qualify someone to work with their products is the Apple Certified Support Professional certificate. This credential acknowledges that the holder has expertise in the Apple tools, services and best practices an organization would need to use. A person with the Apple Certified Support Professional certification can help troubleshoot everything used by a help desk professional, technical coordinator or service provider that supports Mac, iPhone and iPad users; manages networks; or provides technical support for Apple devices. 

Obtaining the Apple Certified Support Professional certificate requires passing the Apple Device Support exam, which gives passing students the company’s digital badge proving certification. Users are allotted four attempts (each must be purchased) to pass the exam, with a two-week buffer period between each attempt. Skills that are covered under this certificate include Apple Device Setup and Security, Apple Hardware, Backup, Help Desk Support, and iPhone, iPad and Mac Support. 

The Apple Certified Support Professional is a permanent credential and doesn’t require annual recertification. However, Apple has changed and updated its certifications over the years, with its popular AppleCare Mac Technician certificate in 2017 no longer available. That certificate itself was an updated certificate. Keeping up with Apple’s offered certifications will help you stay current with industry expectations and get the best salary ranges. Furthermore, if Apple is where you want your career to go, obtaining this certificate will allow you to later pursue the Apple Certified IT Professional credential.

BICSI Technician (TECH) Certification

BICSI is a professional association that supports the information and communications technology (ICT) industry, mainly in the areas of voice, data, audio and video, electronic safety and security, and project management. BICSI offers training, certification and education to its more than 26,000 members, many of whom are designers, installers and technicians.

BICSI facilitates several certifications aimed at ICT professionals, who mainly deal with cabling and related technologies. Two credentials, the BICSI Technician (TECH) and the BICSI Registered Communications Distribution Designer (RCDD), are pertinent (and popular) for those interested in computer hardware.

The BICSI Technician certification recognizes individuals who lead an installation group or team, perform advanced testing and troubleshooting of cable installations, evaluate cabling requirements, recommend solutions based on standards and best practices, and roll out new and retrofit projects. Technicians must be well versed in both copper and fiber cabling, which calls for candidates who have a good deal of knowledge about the hardware, networking devices and communications equipment to which they connect cables.

Did you know?: The impact of the BICSI Technician (TECH) certification on people interested in computer networking is so significant that we also feature it in our roundup of the best certifications to advance your networking career.

To earn the BICSI Technician credential, candidates must pass a two-part test consisting of a hands-on practical evaluation and a written test. To be eligible for the exam, interested candidates must meet one of four requirements (see breakdown in chart below). 

Interested candidates should also check out other BICSI certifications, such as the Installer 1 (INST1), Installer 2 Copper (INSTC) and Installer 2 Optical Fiber (INSTF). Credentials are valid for three years. Certification holders must earn 18 hours of continuing education credits (CECs) in each three-year credentialing cycle and pay the current renewal fees to maintain this credential.

BICSI Registered Communications Distribution Designer (RCDD) Certification

An advanced BICSI credential, the Registered Communications Distribution Designer (RCDD) certification is so well respected that the Department of Defense Unified Facilities requires it for several telecom-related design projects. 

RCDD candidates should be able to create and prepare system design specifications and plans, as well as recommended best practices for security design requirements for business automation systems. Those certificated are also well versed in data centers, cabling systems, and design for wireless, network and electronic security systems.

Tip: If working with data seems more appealing to you, here are our recommendations for the best big data certifications.

To earn this credential, candidates must meet the experience requirements, submit the application (plus credentialing fees and a current resume) and pass the exam. In addition, candidates’ experience must be verified, and BICSI may require additional resources as proof of experience. The RCDD test requires individuals to meet one of three eligibility requirements, as outlined in the chart below.

CCT Routing & Switching: Cisco Certified Technician Routing & Switching

Cisco certifications are valued throughout the tech industry. The Cisco Certified Technician (CCT) certification is an entry-level credential that demonstrates a person’s ability to support and maintain Cisco networking devices at a customer site. The CCT Routing & Switching credential best fits our list of the top computer hardware certifications, and it serves as an essential foundation for supporting Cisco devices and systems in general.

Obtaining the CCT requires passing a single exam. subjects include identification of Cisco equipment and related hardware, such as switches and routers, general networking and service knowledge, working with the Cisco Technical Assistance Center (TAC), and describing Cisco IOS software operating modes. Candidates should also have a working knowledge of Cisco command-line interface (CLI) commands for connecting to and remotely servicing Cisco products. [Learn more in our detailed Cisco Certification guide.]

CompTIA A+

The CompTIA A+ certification is the granddaddy and best known of all hardware credentials. For anyone serious about working with PCs, laptops, mobile devices, printers or operating systems, the A+ should at least be on your radar, if not in your game plan.

Since the first A+ credential was awarded in 1993, the program continues to draw active interest and participation. With more than 1 million IT professionals now possessing this certificate, it’s something of a checkbox item for PC technicians and support professionals. It also appears in many job postings and advertisements, as you’ll notice in our job board search results further down.

A+ is also ISO 17024 compliant and accredited by the American National Standards Institute (ANSI). As a result, this credential must be renewed every three years in keeping with concomitant requirements for continuing education or regular examinations to maintain certification currency. Some 20 continuing education units (CEUs) are required for renewal.

The A+ certification encompasses broad coverage of PC hardware and software, networking and security in its overall technical scope. Earning an A+ from CompTIA involves passing two exams: 220-1101 and 220-1102. test 220-1101 covers mobile devices, networking technology, hardware, virtualization and cloud computing. test 220-1102 draws on knowledge of installing and configuring common operating systems (Windows, Linux, OS X, Android and iOS) and covers security, software and operational procedures. Candidates will find a variety of question formats, including standard multiple-choice, drag-and-drop and performance-based questions, on these exams.

Candidates who earn the A+ often find themselves in roles such as system support specialist, field service technician, desktop support specialist, help desk technician, associate network engineer and junior system administrator. The A+ is recognized by the U.S. Department of Defense (in DoD Directive 8140/8570.01-M). Also, technology companies like Ricoh, Nissan, Dell, HP and Intel require staff to earn the A+ certification to fill certain positions.

CompTIA Server+

CompTIA also offers a server-related certification, which goes beyond covering basic PC hardware, software and networking subjects to the more demanding, powerful and expensive capabilities in the same vein usually associated with server systems.

The Server+ credential tackles the essential hardware and software technologies of on-premises and hybrid server environments, including high availability, cloud computing and scripting. Obtaining the Server+ certificate also demonstrates multistep knowledge to securely deploy, administer and troubleshoot servers, including coverage of more advanced storage systems, IT environments, virtualization and disaster recovery, and business continuity topics. It also puts a strong emphasis on best practices and procedures for server problem diagnosis and troubleshooting. 

Earning the Server+ certificate from CompTIA involves passing one exam: SK0-005. The test assesses the hands-on skills of IT professionals who install, manage and troubleshoot servers in data centers, as well as in on-premises and hybrid environments. Candidates will find a variety of question formats, including standard multiple-choice and performance-based questions.

Tip: If the Server+ certificate’s focus on data centers is attractive, you may also want to consider other data center certifications.

Candidates who earn the Server+ credential often find themselves in roles such as system administrator, server administrator, data center technician or engineer, field service technician or engineer, network administrator, and IT technician. It can also be a stepping stone into vendor-specific server technician training programs at a wide variety of blue-chip companies or with their authorized resellers and support partners. Although Server+ is vendor-neutral in coverage, organizations such as HP, Dell, Intel, Microsoft, Xerox, Lenovo and HP use Server+ credentialed technicians. 

Get more information on CompTIA credentials in our CompTIA certification guide.

Beyond the top 6: More hardware certifications

There are many more hardware-oriented certifications available that you might want to consider. As you get into IT and start to develop a sense of your own interests and observe the hardware systems and solutions around, you’ll be able to dig deeper into this arena.

You can investigate all the major system vendors (including HP, Dell, IBM, and other PC and server makers) as well as networking and infrastructure companies (such as Juniper and Fortinet) to find hardware-related training and certifications to occupy you throughout a long and successful career.

Although ExpertRating offers many credentials, we excluded it from our list after viewing several complaints regarding the general quality of the courses. Obviously, such complaints are from disgruntled customers, but they were enough to make us proceed with caution.

Did you know?: Business News Daily has compiled all of the best IT certifications for easy access.

Job board search results

During a exact search of popular job boards, we found a plethora of businesses seeking candidates with computer hardware certifications for open roles. 

Various factors, such as the specific job role, locality and experience level, may impact salary potential. Indeed lists the average base pay for an IT technician as $66,013, while other sites share an average that lies closer to $55,000. The average national salary for computer hardware technicians ranges from about $31,000 to more than $53,000. However, some certifications command higher salaries. For example, Certification Magazine’s 2022 Annual Salary Survey found that the average salary for someone with a CompTIA A+ credential is $100,660.

Computer hardware certifications and your future

As technology is ever-changing and its dynamic nature is constant in our society, the need for qualified individuals to help Boost and maintain the computer hardware contributing to our technological growth will grow itself. You can help meet that need. However, in an area where continuous change in tools and technology is the norm, a course of lifelong learning will be essential to help you stay current on what’s relevant in the field today and will likely show up on the job soon.

Ed Tittel and Mary Kyle contributed to the writing and research in this article. 

Before there was the Mac, there was the Lisa, Apple’s first computer to feature a graphical user interface. Lisa was released 40 years ago this week, and to celebrate the anniversary, the Computer History Museum—which calls Lisa “Apple’s most important flop”—is offering the source code of the Lisa software free to download.

The obtain is a mere 7MB compressed, 30MB expanded. You do, however, have to agree to a license agreement before you can get the download, and provide your name and email address. And then once you obtain it, you’ll need to figure out how to run it.

A look at the Lisa GUI tells you instantly where the Mac has its roots. In fact, the Mac’s desktop still takes its cues from Lisa, with pulldown menus across the top and icons for files and apps. The Lisa software ran on a Motorola 68000 and even allowed for multitasking, but the 68000 had a hard time handling the Lisa software, and the computer was slow and expensive, and it became a footnote after the Mac launched in 1984.

Named after Steve Jobs’s daughter, the Lisa made its debut on January 19, 1983. It was priced at $9,995, which was several thousand dollars more expensive than IBM PCs with command-line interfaces. Apple hoped that the GUI was enough to overcome the high price and slow performance, but the computer didn’t sell.

The Macintosh made its debut in 1984, at a more reasonable $2,495, Apple also released new Lisa computers at the same time, but it was the Mac that caught on, and Lisa was eventually scrapped. Suffice to say, without Lisa there would be no Mac, and the history of the machine is fascinating. You can learn more about the history of Lisa on the Computer History Museum website.

The Computer History Museum, located in Mountain View, California (about 9 miles north of Apple Park in Cupertino), is hosting an event to celebrate Lisa’s 40th anniversary. Speakers who were part of the Lisa development team, such as Bill Atkinson, Bruce Daniels, and John Couch, are featured. The event will also have demos with a working Lisa computer, and an Apple-themed scavenger hunt. The event is on January 31 at 5:30 P.M. Pacific, and registration is required.

Despite Apple’s best efforts, Mac malware does exist, we describe some cases below. However, before you panic, Mac malware and viruses are very rarely found “in the wild”.

From time to time you will hear of big profile trojans, malware, and ransomware that is targeting the Windows world, very rarely is this a threat to Macs. For example, the worldwide WannaCry/WannaCrypt ransomware attack that hit back in May 2017 was only targeting Windows machines and therefore no threat to Macs.

Luckily Apple has various measures in place to guard against such threats. For example, macOS shouldn’t allow the installation of third-party software unless it’s from the App Store or identified developers. You can check these settings in macOS Ventura’s System Settings > Privacy & Security and scroll to the Security section, or, if you are using Monterey or older, go to System Preferences > Security & Privacy > General. You can specify whether only apps from the Mac App Store can be installed, or if you are happy to allow apps from identified developers too. If you were to install something from an unknown developer Apple would warn you to check it’s authenticity.

In addition Apple has its own built-in anti-malware tool. Apple has all the malware definitions in its XProtect file which sits on your Mac, and every time you obtain a new application it checks that none of those definitions are present. This is part of Apple’s Gatekeeper software that blocks apps created by malware developers and verifies that apps haven’t been tampered with. For more information read: how Apple protects you from malware. We also discuss whether Macs need antivirus software separately.

In exact years malware on the Mac actually decreased, however, as you will see if you read on, Macs are not completely safe from attacks. To stay safe, we recommend you read our best Mac security tips and our round up of the best Mac antivirus apps, in which we highlight Intego as our top pick.

Another thing to note is that Apple’s own M-series chips that it has been using in Macs since November 2020 are considered more secure than Intel processors. However, malware, dubbed Silver Sparrow, was found on the M1 Mac soon after launch so even Apple’s own chips are not immune.

Curious to know what Mac viruses are out there? In this article we will endeavour to deliver you a complete list.

PROMOTION

Antivirus Deal: Intego Mac Premium Bundle

© Mac World

Get Intego’s Mac Premium Bundle X9 with antivirus, firewall, backup and system performance tools for just $29.99 (down from $84.99) for the first year.

Get Deal

Mac malware in 2022

Alchimist

When: October 2022. What: Provide a backdoor onto the target system. Targeting a vulnerability in a 3rd party Unix tool. Who: Very specific target as pkexec is rarely found on Macs.

Lazarus

When: August 2022. What: Malware disguised as job postings. Who: Targeting Coinbase users and Crypto.com.

VPN Trojan

When: July 2022. What: VPN app with two malicious binaries: ‘softwareupdated’ and ‘covid’.

CloudMensis/BadRAT

When: July 2022. What: Spyware downloader that uses public cloud storage services such as Dropbox, Yandex Disk and pCloud. Exploited CVE-2020-9934 which was closed macOS Catalina 10.5.6 in August 2020.

CrateDepression

When: May 2022. What: Supply chain attack with screencapture, keylogging, remote file retrieval. Who: Targeted the Rust development community.

Pymafka

When: May 2022. What: Hoping that users might mistype and obtain the malware instead of legitimate pykafka. Who: Targeting PyPI registry.

oRAT

When: April 2022. What: Distributed via a Disk Image masquerading as a collection of Bitget Apps. Who: Targeting gambling websites.

Gimmick

When: March 2022. What: Distributed as a CorelDraw file that was hosted on a Google Drive. Who: Targeting protest groups in Asia.

DazzleSpy

When: January 2022. What: Included code for searching and writing files, dumping the keychain, running a remote desktop and more. Read more here: Patched Mac malware sheds light on scary backdoor for hackers. Who: Targeting supporters of democracy in Hong Kong.

ChromeLoader

When: January 2022. What: Chrome browser extension that could steal information, hijack the search engine queries, and serve adware.

Mac malware in 2021

macOS.Macma

When: November 2021. What: Keylogger, screen capturer, screen capturer and backdoor. Who: Targetting supporters of pro-democracy activism in Hong Kong.

OSX.Zuru

When: September 2021. What: Trojan that spread disguised as iTerm2 app. Microsoft’s Remote Desktop for Mac was also trojanized with the same malware. Who: Spread via sponsored web links and links in the Baidu search engine.

XCSSET Updated

When: May 2021 (originally from August 2020). What: Used a zero-day vulnerability in Safari. See: macOS 11.4 patches flaws exploited by XCSSET malware. Who: Aimed at Chinese gambling sites.

XLoader

When: July 2021. What: The XLoader malware was one of the most prevalent pieces of Windows malware to have been confirmed to run on macOS. XLoader is a variant of Formbook, a program used to steal login credentials, record keystrokes, and obtain and execute files.

WildPressure

When: July 2021. What: New multi-platform version of Milum Trojan embedded in a Python file. Who: Targeting Middle East activists.

XcodeSpy

When: March 2021. What: A Trojan hidden in Xcode projects in GitHub had the potential to spread among the Macs of iOS developers. Once installed a malicious script runs that installs an “EggShell backdoor”. Once open the Mac’s microphone, camera and keyboard can be hyjacked and files can be send to the attacker. The malware was found in a ripped version of TabBarInteraction. Read more here: New Mac malware targets iOS developers. Who: Attack on iOS developers using Apple’s Xcode.

Silver Toucan/WizardUpdate/UpdateAgent

When: February 2021. What: Adload dropper that was notarized by Apple and used a Gatekeeper bypass.

Pirri/GoSearch22

When: February 2021. What: Based on Pirri and known as GoSearch22 infected Macs would see unwanted adverts. More information here: M1 Macs face first recorded malware.

Silver Sparrow

When: January 2021. What: Malware targeting Macs equipped with the M1 processor. Used the macOS Installer Javascript API to execute commands. According to Malwarebytes, by February 2021 Silver Sparrow had already infected 29,139 macOS systems in 153 countries, most of the infected Macs being in the US, UK, Canada, France and Germany. More details here: What you need to know about Silver Sparrow Mac malware.

OSAMiner

When: January 2021 (but first detected in 2015). What: Cryptocurrency miner distributed via pirated copies of popular apps including League of Legends and Microsoft Office.

ElectroRAT

When: January 2021. What: Remote Access Trojan targeting multiple platforms including macOS. Who: Targeting cryptocurrency users.

Mac malware in 2020

GravityRAT

When: October 2020. What: GravityRAT was an infamous Trojan on Windows, which, among other things, had been used in attacks on the military. It arrived on Macs in 2020. The GravityRAT Trojan can upload Office files, take automatic screenshots and record keyboard logs. GravityRAT uses stolen developer certificates to bypass Gatekeeper and trick users into installing legitimate software. The Trojan is hidden in copies of various legitimate programs developed with .net, Python and Electron. We have more information about GravityRAT on the Mac here.

XCSSET

When: August 2020. What: Mac malware spread through Xcode projects posted on Github. The malware – a family of worms known as XCSSET – exploited vulnerabilities in Webkit and Data Vault. Would seek to access information via the Safari browser, including login details for Apple, Google, Paypal and Yandex services. Other types of information collected includes notes and messages sent via Skype, Telegram, QQ and Wechat. More information here.

ThiefQuest (aka EvilQuest)

When: June 2020. What: ThiefQuest, which we discuss here: Mac ransomware ThiefQuest/EvilQuest could encrypt your Mac, was Ransomware spreading on the Mac via pirated software found on a Russian torrent forum. It was initially thought to be Mac ransomware – the first such case since 2017 – except that it didn’t act like ransomware: it encrypted files but there was no way to prove you had paid a ransom and no way to subsequently unencrypted files. It turned out that rather than the purpose of ThiefQuest being to extort a ransom, it was actually trying to obtain the data. Known as ‘Wiper’ malware this was the first of its kind on the Mac.

Mac malware in 2019

NetWire and Mokes

When: July 2019. What: These were described by Intego as “backdoor malware” with capabilites such as keystoke logging and screenshot taking. They were a pair of Firefox zero-days that targeted those using cryptocurrancies. They also bypassed Gatekeeper. backdoor” malware

LoudMiner (aka Bird Miner)

When: June 2019. What: This was a cryptocurrency miner that was distributed via a cracked installer for Ableton Live. The cryptocurrency mining software would attempt to use your Mac’s processing power to make money.

OSX/NewTab

When: June 2019. What: This malware attempted to add tabs to Safari. It was also digitally signed with a registered Apple Developer ID.

OSX/Linker

When: May 2019. What: It exploited a zero-day vulnerability in Gatekeeper to install malware. The “MacOS X GateKeeper Bypass” vulnerability had been reported to Apple that February, and was disclosed by the person who discovered it on 24 May 2019 because Apple had failed to fix the vulnerability within 90 days. Who: OSX/Linker tried to exploit this vulnerability, but it was never really “in the wild”.

CookieMiner

When: January 2019. What: The CookieMiner malware could steal a users password and login information for their cyberwallets from Chrome, obtain browser authentication cookies associated with cryptocurrency exchanges, and even access iTunes backups containing text messages in order to piece together the information required to bypass two-factor authentication and gain access to the victim’s cryptocurrency wallet and steal their cryptocurrency. Unit 42, the security researchers who identified it, suggest that Mac users should clear their browser caches after logging in to financial accounts. Since it’s connected to Chrome we also recommend that Mac users choose a different browser. Find out more about CookieMiner Mac malware here.

Mac malware in 2018

SearchAwesome

When: 2018. What: OSX.SearchAwesome was a kind of adware that targets macOS systems and could intercept encrypted web traffic to inject ads.

Mac Auto Fixer

When: August 2018. What: Mac Auto Fixer was a PiP (Potentially Unwanted Program), which piggybacks on to your system via bundles of other software. Find out more about it, and how to get rid of it, in What is Mac Auto Fixer?

OSX/CrescentCore

When: June 2018. What: This Mac malware was found on several websites, including a comic-book-download site in June 2019. It even showed up in Google search results. CrescentCore was disguised as a DMG file of the Adobe Flash Player installer. Before running it would check to see if it inside a virtual machine and would looks for antivirus tools. If the machine was unprotected it would install either a file called LaunchAgent, an app called Advanced Mac Cleaner, or a Safari extension. CrescentCore was able to bypass Apple’s Gatekeeper because it had a signed developer certificate assigned by Apple. That signature was eventually revoked by Apple. But it shows that although Gatekeeper should stop malware getting through, it can be done. Again, we note that Adobe ended support for Adobe Flash on 31 December 2020, so this should mean fewer cases of malware being disguised as the Flash Player.

Mshelper

When: May 2018. What: Cryptominer app. Infected users noticed their fans spinning particularly fast and their Macs running hotter than usual, an indication that a background process was hogging resources.

OSX/Shlayer

When: February 2018. What: Mac adware that infected Macs via a fake Adobe Flash Player installer. Intego identifed it as a new variant of the OSX/Shlayer Malware, while it may also be refered to as Crossrider. In the course of installation, a fake Flash Player installer dumps a copy of Advanced Mac Cleaner which tells you in Siri’s voice that it has found problems with your system. Even after removing Advanced Mac Cleaner and removing the various components of Crossrider, Safari’s homepage setting is still locked to a Crossrider-related domain, and cannot be changed. Since 31 December 2020 Flash Player has been discontinued by Adobe and it no longer supported, so you can be sure that if you see anything telling you to install Flash Player please ignore it. You can read more about this incident here.

MaMi

When: January 2018. What: MaMi malware routes all the traffic through malicious servers and intercepts sensitive information. The program installs a new root certificate to intercept encrypted communications. It can also take screenshots, generate mouse events, execute commands, and obtain and upload files.

Meltdown & Spectre

When: January 2018. What: Apple confirmed it was one of a number of tech companies affected, highlighting that: “These issues apply to all modern processors and affect nearly all computing devices and operating systems.” The Meltdown and Spectre bugs could allow hackers to steal data. Meltdown would involve a “rogue data cache load” and can enable a user process to read kernel memory, according to Apple’s brief on the subject. Spectre could be either a “bounds check bypass,” or “branch target injection” according to Apple. It could potentially make items in kernel memory available to user processes. They can be potentially exploited in JavaScript running in a web browser, according to Apple. Apple issued patches to mitigate the Meltdown flaw, despite saying that there is no evidence that either vulnerability had been exploited. More here: Meltdown and Spectre CPU flaws: How to protect your Mac and iOS devices.

Mac malware in 2017

Dok

When: April 2017. What: macOS Trojan horse appeared to be able to bypass Apple’s protections and could hijack all traffic entering and leaving a Mac without a user’s knowledge – even traffic on SSL-TLS encrypted connections. OSX/Dok was even signed with a valid developer certificate (authenticated by Apple) according to CheckPoint’s blog post. It is likely that the hackers accessed a legitimate developers’ account and used that certificate. Because the malware had a certificate, macOS’s Gatekeeper would have recognized the app as legitimate, and therefore not prevented its execution. Apple revoked that developer certificate and updated XProtect. OSX/Dok was targeting OS X users via an email phishing campaign. The best way to avoid falling foul to such an attempts is not to respond to emails that require you to enter a password or install anything. More here.

X-agent

When: February 2017. What: X-agent malware was capable of stealing passwords, taking screenshots and grabbing iPhone backups stored on your Mac. Who: The malware apparently targeted members of the Ukrainian military and was thought to be the work of the APT28 cybercrime group, according to Bitdefender.

MacDownloader

When: February 2017. What: MacDownloader software found in a fake update to Adobe Flash. When the installer was run users would get an alert claiming that adware was detected. When asked to click to “remove” the adware the MacDownloader malware would attempt to transmit data including the users Keychain (usernames, passwords, PINs, credit card numbers) to a remote server. Who: The MacDownloader malware is thought to have been created by Iranian hackers and was specifically targetted at the US defence industry. It was located on a fake site designed to target the US defence industry.

Word macro virus

When: February 2017. What: PC users have had to contend with macro viruses for a long time. Applications, such as Microsoft Office, Excel, and Powerpoint allow macro programs to be embedded in documents. When these documents are opened the macros are run automatically which can cause problems. Mac versions of these programs haven’t had an issue with malware concealed in macros because since when Apple released Office for Mac 2008 it removed macro support. However, the 2011 version of Office reintroduced macros, and in February 2017 there was malware discovered in a Word macro within a Word doc about Trump. If the file is opened with macros enabled (which doesn’t happen by default), it will attempt to run python code that could have theoretically perform functions such as keyloggers and taking screenshots. It could even access a webcam. The chance of you being infected in this way is very small, unless you have received and opened the file referred to (which would surprise us), but the point is that Mac users have been targeted in this way.

Fruitfly

When: January 2017. What: Fruitfly malware could capture screenshots and webcam images, as well as looking for information about the devices connected to the same network – and then connects to them. Malwarebytes claimed the malware could have been circulating since OS X Yosemite was released in 2014.

Mac malware in 2016

Pirrit

When: April 2016. What: OSX/Pirrit was apparently hidden in cracked versions of Microsoft Office or Adobe Photoshop found online. It would gain root privileges and create a new account in order to install more software, according to Cybereason researcher Amit Serper in this report.

Safari-get

When: November 2016. What: Mac-targeted denial-of-service attacks originating from a fake tech support website. There were two versions of the attack depending on your version of macOS. Either Mail was hijacked and forced to create vast numbers of draft emails, or iTunes was forced to open multiple times. Either way, the end goal is to overload system memory and force a shutdown or system freeze.

© Mac World

KeRanger

When: March 2016. What: KeRanger was ransomware (now extinct). For a long time ransomware was a problem that Mac owners didn’t have to worry about, but the first ever piece of Mac ransomware, KeRanger, was distributed along with a version of a piece of legitimate software: the Transmission torrent client. Transmission was updated to remove the malware, and Apple revoked the GateKeeper signature and updated its XProtect system, but not before a number of unlucky users got stung. We discuss how to remove Ransomware here.

© Mac World

Older Mac malware

SSL, Gotofail error

When: February 2014. What: The problem stemmed from Apple’s implementation of a basic encryption feature that shields data from snooping. Apple’s validation of SSL encryption had a coding error that bypassed a key validation step in the web protocol for secure communications. There was an extra Goto command that hadn’t been closed properly in the code that validated SSL certificates, and as a result, communications sent over unsecured Wi-Fi hotspots could be intercepted and read while unencrypted. Apple quickly issued an update to iOS 7, but took longer to issued an update for Mac OS X, despite Apple confirming that the same SSL/TSL security flaw was also present in OS X. Who: In order for this type of attack to be possible, the attacker would have to be on the same public network. Read more about the iPad and iPhone security flaw here.

OSX/Tsnunami.A

When: October 2011. What: OSX/Tsnunami.A was a new variant of Linux/Tsunami, a malicious piece of software that commandeers your computer and uses its network connection to attack other websites. More information here.

OSX.Revir.A

When: September 2011. What: Posing as a Chinese-language PDF, the nasty piece of software installs backdoor access to the computer when a user opens the document. More here.

Flashback trojan

When: September 2011. What: Flashback is thought to have been created by the same people behind the MacDefender attack and could use an unpatched Java vulnerability to install itself. Read more here: What you need to know about the Flashback trojan. Who: Apparently more than 500,000 Macs were infected by April 2012.

MacDefender

When: May 2011. What: Trojan Horse phishing scam that purported to be a virus-scanning application. Was spread via search engine optimization (SEO) poisoning.

BlackHole RAT

When: February 2011. What: More of a proof-of-concept, but a criminal could find a way to get a Mac user to install it and gain remote control of the hacked machine. BlackHole was a variant of a Windows Trojan called darkComet. More information here: Hacker writes easy-to-use Mac Trojan.

For more information about how Apple protects your Mac from security vulnerabilities and malware read: Do Macs need antivirus software.

How to find the obtain folder and delete downloads

Joe Hindy / Android Authority

Get to your obtain folder from the dock

Joe Hindy / Android Authority

How to find downloads by using Spotlight Search

Joe Hindy / Android Authority

FAQ

Documents files manager app by Readdle

The Documents app by Readdle is a self-proclaimed super app to organize files across devices and cloud-based platforms, but its strength may also be its weakness.

Comparing Documents to Files

Built-in VPN and browser

Setting up the Documents app

Documents - Pros

Documents - Cons

Rating: 4 out of 5 stars

Where to download

By Stacy Liberatore For Dailymail.com

Published: 14:24 EST, 14 February 2023 | Updated: 14:38 EST, 14 February 2023

The best PDF editors enable you to get even more done with PDF files but the real question is which PDF editor is best suited to your needs and workflow. 

Despite their finalized appearance, Portable Document Format files can be changed in the same way you alter a text document – you just need the right software. The best PDF editors let you open up almost any PDF file so that you can edit, alter, annotate, sign or convert it to other popular file formats including Microsoft Word.