Many have pointed out I should not have used the terms "virus" and "malware" interchangeably, so I will try to be more accurate in the future.

@anon_y_mousse

Жыл бұрын

Technically, a virus is malware. While it has a more specific meaning and thus it's akin to the standard comparison of a square and a rectangle, I'd say in this instance you're good.

@olivesouch6423

Жыл бұрын

I wish MacOS should have official antivirus.

@PythonPlusPlus

Жыл бұрын

@@anon_y_mousse The problem is that this is not a virus, it is a trojan. Viruses are designed to alter or destroy data. Trojans are used to steal data.

@NaraSherko

Жыл бұрын

So what is it then

@DrCody227

Жыл бұрын

You can only use the term virus if it is self propagating. To this day no one has ever seen a "virus" on a Mac. Spyware and malware on the other hand...

Bruh, Malware just became a monthly membership 💀

@adityapareek_

Жыл бұрын

😂

@DenOfTimbsllc

Жыл бұрын

I swear, even when I get hacked, I still have to pay a monthly subscription!

@MarcosRobertoDosSantosJF

Жыл бұрын

Yeah, I want my malware as a perpetual license again! Hahah!

@Up2Speed

Жыл бұрын

@@DenOfTimbsllc Imagine ransomware where you have to pay $5/month or else your entire PC gets nuked.

@theblitzminecraft

Жыл бұрын

yeah many people are mad at adobe for thier stupid memberships, and now even hackers are mad at each other for the same reason

One true thing in tech/IT is that there is no such system is safe and invulnerable against threats.

@volvo09

Жыл бұрын

Yep, "security by obscurity" is how smaller OS use bases stay "virus free", but it's just because no one has taken the time to find exploits unless it's a state sponsored attack on a niche system or individual.

@MarkMcCoolJr

Жыл бұрын

as the saying goes, the only secure system is one that no one is allowed to login to.

@HeroRareheart

Жыл бұрын

Even airgaped systems can be vulnerable although that is significantly harder to achieve.

@jamieever4046

Жыл бұрын

Not unless you create your own system not compatible with any popular files and you lock it in your basement on an old computer so nobody knows about it and it can't connect to the internet

@stio_studio

Жыл бұрын

​@@jamieever4046 Someone takes your electricity :P

This virus also has a streaming service for watching victims for just $39.99/month

@GlenHunt

Жыл бұрын

Payable in stolen crypto

@norseczar27

Жыл бұрын

Hehe

@tensixtyoclock

Жыл бұрын

You're a victim yourself if you pay those 40 dollars

@LitoMike

Жыл бұрын

bruh

@Defensive_Wounds

Жыл бұрын

Not with my old ASUS with blu tack over the camera!

There is a possibility that Apple already patched this with the latest "Rapid Security Response" 13.3.1 (a). It was the first time Apple used this way of patching security vulnerabilities and they have not disclosed what exactly they fixed. Given the timing, it would make sense. Patch 13.3.1 (a) was released on 1st May

@ThioJoe

Жыл бұрын

Possibly, but I’m not sure there’s anything to really patch unless it uses an exploit

@DenOfTimbsllc

Жыл бұрын

@@ThioJoe, they mentioned a WebKit exploit that they found, but we have no clue what that exploit is exactly.

@Bob-1802

Жыл бұрын

Apple never disclosed what they patched.

@DidanSetia

Жыл бұрын

Probably, yeah. But, the Rapid Security Response deployed not only for macOS, but for iPadOS as well. I’ve just done the update a few hours ago actually.

@Juanguar

Жыл бұрын

@@DidanSetia iOS too Since it has been pushed to everything it’s safe to assume it has something to do with WebKit

To be exact, a DMG file is a disk image file which could contain anything. It is mostly used to ship applications in it with the background picture changed so it tells you what to do to install it. Because applications on a mac appear to the user like a single movable file it mostly tells you to drag and drop that application file onto a shortcut which is linked to the macs application folder. That way it appears in your dashboard etc. and is „properly installed“ (although you COULD just execute it from the dmg aswell) It seems they are taking advantage of people being used just following whatever the background of that dmg file says to make them execute their malware. Either its an application inside a dmg file OR an actual installer (.pkg file) but not the mix of both these bad actors have shipped

1:15 Vietnamese people here. Great job on pronuncing it correct as most Americans may mispronounced into f word. Great job Thio Joe

@electricspider2267

Жыл бұрын

Reminds me of that time someone had to provide proof that their name was "phuc datbich" before facebook allowed them to use it

Thio is a gigachad literally just explains what's going on in a clear way then disappears until he uploads something, huge respect

@Hercules718

9 ай бұрын

this is ALL a lie

My Big-Mac got a virus?!!!!?! I'm suing McDonalds now!

@anthony17mapoy46

Жыл бұрын

Oh really? 🤣

@thelastofthehitachi972

Жыл бұрын

stroke! stroke! stroke! - stop mocking me!

@zozonajjar1234

7 күн бұрын

Hahah😂

OSX viruses are rare but when they come out they hit hard

@itsROMPERS...

Жыл бұрын

"OSX"? That term hasn't been used in years on Mac.

@ArizeOW

Жыл бұрын

@@itsROMPERS... it's literally being used in this video. Also, who are you to decide how people communicate? OSX is still commonly used to refer to macOS in my bubble.

@Blitterbug

Жыл бұрын

@@itsROMPERS... It's used more often than 'pedant'

@itsROMPERS...

Жыл бұрын

@@Blitterbug I never said it wasn't used often, i said it was WRONG because Apple changed the name in 2016. You can call your MacBook a "PowerBook", because Apple did call its laptops by that name decades ago, but they don't anymore, so it's wrong. OSX is just not what it's called by its maker anymore. What is hard about this?

@Blitterbug

Жыл бұрын

@@itsROMPERS... You miss my point somewhat ;) I'm saying it's pedantic to quibble. To many seasoned Unix developers like me it'll always be OSX, not the trendy MacOS.

well to be fair it would be weird if a random ass app from telegram started asking for root privledges and file access.

@Warp3326

Жыл бұрын

get out of here this is a windows channel

guess that explains the rapid response update yesterday … thank YOU … you just saved me trying to find out what it was all about

macOS or Windows, you just don't click on a random link, don't open attached files from an unknown sender, don't allow disk access to random apps you found online. I feel cybersecurity should be taught in school by this point.

Thanks for the info!!

OK Joe - You left out the most important part: How do you know if your Mac is infected, and how to remove the virus!

When I had a Mac I knew not many viruses were made for it, but I also knew there were at the same time, so IMO it's the same usage because either way, you never know when you could get something.

Apple: It’s impossible!

@Ksanimations

Жыл бұрын

Lol

@olivesouch6423

Жыл бұрын

Microsoft: "let me do it for you"

@Hardcorelactation

Жыл бұрын

@@olivesouch6423 kermy

@false_positive

Жыл бұрын

Linux: **grabs popcorn and sits back**

@false_positive

Жыл бұрын

@DarkDev they sure do, that’s why there is clamav 🙂

Had to head to the comments to see if anyone else caught this definition reassignment. Conflating a virus with a user initiated exploit is a stretch. I don't normally engage in splitting hairs over definitions, but in this case I will. The marketshare argument is a mass adoption of a flawed opinion. Just because Mac or Linux does not have the same adoption rate that Windows does, does not mean that there is not an incentive to create "programs" of malicious intent on the others. There is now and has always been many different incentives to create programs for all three platforms, and the different motivations (financial, foss, watch the world burn) are shared as well. Windows it is pretty much the only operating system that has suffered from viruses (self-replicating malware). Sure, exploits exist across all platforms; if a bad actor, government really wants to spy on you, it will. Windows obtained this reputation not because of market share, but because of an engineering decision. Security was and always has been secondary (or non-existent) to "ease of use" in order to achieve Mass adoption. Microsoft lives by the philosophy, run now ask questions later. 😂 *nix has a super user, nothing runs accidentally. sure it can be exploited and hacked, but it is a no-mans-land for "viruses."

Great content! You literally just saved me two users of MACs with this detection alert. Thank you!!!

Appreciate the info

Thanks for keeping us in the loop. This video actually gave me some reassurance that my security is fine. Just don’t install random crap and don’t always press allow and accept. Seems kind of obvious to me. But I can see how other people can fall for this.

Awesome video ThioJoe! Very informative! You mentioned considering buying a biometric authenticator. What are some of the better ones?

@Mainyehc

Жыл бұрын

Apple’s own Magic Keyboard with TouchID? That’s the safest one, at least…

I love how the title makes it sound like a new game or something just came out. I'm just imagining Thio saying "Eyo guys, Macs just dropped a new virus, only 50 have been made, so go buy them asap."

I have never seen a Mac installer that has you right click and select open. Usually they have you drag something to a folder.

Thanks for the info joe

The problem with macOS and linux for security is that if an app has your password, they can invoke any process as sudo. On windows, if an app has the password, they can't do anything, they still have to open the UAC prompt.

@unicorn_tamer

Жыл бұрын

Yes, and once they do that, the sheep are of course going to click Yes. And you don't really need to do much to gain admin privs in Windows anyways. Linux has a much more secure design by default and privilege management is a hundred times better there.

@keit99

Жыл бұрын

Also not every user has sudo active for them ( doesn't mean the point isn't valid )

@GeorgeHafiz

Жыл бұрын

But even being root/sudo is not enough to access certain areas of macOS. That’s why as shown in the video, even though the virus is given the user’s password, there’s still a pop up to access various folders.

Appreciate the update. It's basically always been true that Macs aren't invulnerable to viruses, there are just fewer viruses that target them. We could all use a reminder once in a while to be vigilant. But no, I've always been too terrified to download anything I'm not 100% sure is from a reliable site.

I never encountered a virus that bad, but once I did encounter a browser that hijacked my favourite browser safari and all I could use was yahoo as a search engine and luckily, after a while, I was able to get rid of it and it's been a long time and I was wiped at Mac a couple times after

I love learning about viruses for an OS I don't and probably will never use! jkjk I love these kinds of videos, keep it up!

One thing you can do is type an incorrect password, and if it's legit it'll say "nope thats not your password" but if it's a virus and doesn't know your passowrd or isn't going through apple's apis and stuff it'll just accept that as your password and fail stuff that requires passwords.

@prayhe

Жыл бұрын

malware creators be like: ok let’s do it so it only accepts the password on the second attempt :D

@GRBtutorials

Жыл бұрын

@@prayhe Or just check the password.

@RedLuigiE

Жыл бұрын

fr

Thanks for the heads up 👍

"Macs dont have viruses" The macs:

1:12 lol @ the side note

So if I see a popup, I should try entering a wrong password first.

What if I might have already installed such an app in my Mac in the past? Is there a way to fix it?

I am a Mac user and have been for quite sometime also do windows but I don’t think that you went over. How do you get rid of the virus if you get it

I seem to remember someone in one of my elementary schools (primary school) arguing that Macs don't get viruses... I think it might've been the teacher of the computer lab. I was smart enough to know that couldn't possibly be true.

Personally, I avoid password managers and instead I base my passwords on some phrase relevant to the site I'm logging into and then alphabet shift it. So they're easy to remember but impossible to guess.

The HOLY RULE of computer security is to be extremely cautious about using promoting root/admin privilegies to ANYTHING. If you are going to permit the admin access, remember, you're handling all the keys to your computer to the requesting programm. Permit the admin access to an app only if you are ABSOLUTELY sure it's safe. The app with admin rights can do absolutely everything on your computer - it can take anything it wants and it can ruin your OS so you'll end up reinstalling the whole computer. The best practice I came to after years of computer fixing is to not to give admin password to the owner of the computer. If the owner needs to install something - owner just calls the specialist and he installs everything. You may end up newer give up the password to the computer owner if doesn't need it at all and he'll be using that computer for many years without a single issue. If the owner needs the admin privs from time to time for some reason, you can give it to him after making sure he understands importance of the admin privileges and knows that he shouldn't ever use it if he's not sure about safety. This way he'll make couple of mistakes in the process and will become a great computer user that knows what he's doing and has no computer problems. Sure you have to explain the other good practices to the user as well, but this topic is the far most important one.

All friends that my have iOS like me I’ve got a XR older iPhone but the same thing Right? Or are phones different?

Well my dads word document containing all his passwords is no longer safe😅😂

Doing tech support for my friends, it is kind of insane how much maleware there is on apple devices lately. Never had problems until about a year ago. Now, I have dealt with 4 devices that got maleware. Their "defender" software doesen't seem to be the best honestly. Ironically, it was a long time ago where I had to remove maleware from windows. But my windows user friends are also a bit more tech savy because their hobbies are gaming.

@Teluric2

Жыл бұрын

Can you elaborate on your apple devices? Strange behaviour? Kernel panic?

would be cool to see you do a video on objectivesee’s software, they make anti-malware tools, dunno if you have a mac to throw malware at the software but yea

1:26 - Wait, did they forget about Safari; the default browser on MacOS?

It's not just smaller market share , Macs aren't invulnerable, but they objectively are more secure simply because Apple writes the operating system for just 5-6 configurations of their own hardware. Windows relies on thousands of vendors to make it run on everything. There is no comparison in terms of avenues of attack

@Blitterbug

Жыл бұрын

You're confusing the reasons for their better reliability and stability with resistance to infection. No IT pro would make this mistake, even though you make great points about the OS being inherently more crashproof.

As a Mac user, that pop-up looks really sketchy and is completely different from any other gatekeeper pop-up macOS uses, also macOS is spelled wrong (the m is capital, small mistake but not something Apple would do) also it says System Preferences, which does not exist anymore Pretty much any savvy Mac user would instantly see this as malware but I think multiple people could easily fall for this and not notice it, I hope Apple adds a security feature to prevent users typing in their mac passwords in text fields that aren’t from gatekeeper or the terminal

@Ms_Cheesecake

Жыл бұрын

Most of the people I know who use Macs are those who are absolutely not tech-savvy. :( They'd easily fall for it.

@TakZ000

Жыл бұрын

Sometimes people would just zoom past all popups specially when they are in a hurry or not attentive enough.

@neetop1557

Жыл бұрын

If you downloaded this sht from some dodgy place on the internet you're in either of 2 groups: - you downloaded it on purpose knowing that it's dodgy, e.g. to test it - you downloaded it because you're clueless and no amount of prompts will make you think about whether you're doing the right thing.

@Warp3326

Жыл бұрын

1. Don't get a Imac.

@fearandil__

Жыл бұрын

@@Warp3326 iMac …

Those prompts would be signaling alarms in my head

0:25 Windows is declining and "Unknown" OS on the rise. I wonder what are those unknown ones

@ethimself5064

Жыл бұрын

Smaller OS systems for basic uses

@ThioJoe

Жыл бұрын

Yea I was wondering that myself

@_SJ

Жыл бұрын

​@@ThioJoe Same 😅

@ethimself5064

Жыл бұрын

@@ThioJoe Look up

@ethimself5064

Жыл бұрын

Ha, ya did

So the Mac is more secure than Windows - it has to trick you into voluntarily installing it. This is very different from the Windows world, where the software can install itself without any user intervention. As a Linux user, i have to authenticate as a user in the administrator group before any software can install itself into the system. Of course, in all Unix type operating systems, any user can install software locally in his own directory, but that won't impact any other user or the system as a whole.

@aritradhabal

Жыл бұрын

this actually, the program literally have to prompt the user to enter password and allow access to docs and desktop, this is similar to WiLL yOu KiNdLy GiVe YoUr BaNk PaSSwOrD ? totally different from windows case

@toms5996

Жыл бұрын

Exactly. In Unix or in a Unix variant such as macOS or Linux, you have to first actively not only start the software installation but secondly, give your local Admin password.

@the-niker

Жыл бұрын

@@toms5996 Why would the virus need superuser access when it's after your user data - running as you the user? All it needs is +x and to run with user priviledge to get everything, right? You're not putting in your password to run a browser and it's not after taking over the machine, just your chromium/firefox database. Or does something like SELinux effectively prevent this?

@aritradhabal

Жыл бұрын

@@the-niker you need admin passwd to install a browser at the first place

@leonidas14775

Жыл бұрын

Given your linux installation has all the up to date security patches against exploits. And that you don't open an archive and click on a document that's actually an executable

I have a Chromebook and I have anti-virus and internet security software as well as a VPN so am I safe if I have a MacBook on it too. (I don't have a Mac Book yet but I'm getting one soon). But I don't usually go on unusual sites or open weird e-mails.

your video is great bro

Whats the best AV for MacOS?

PLEASE an update video on mac virus in total.... check if you are infected and what to do... and so forth...

Thanks ThioJoe

Hallo your combooter has virus.

I'm a MacUser, and that concerns me a little bit since I used the keychain as mention also for 2fa, so onetime-passwords + username + password are all in the same place. (Maybe not the best idea to begin with). Usually I try to get my software from the App Store but yeah, I'll be definitely a little bit more alerted now. :P I lately "secured" my Apple ID with Security Keys, but if you have the password on a logged in device, you can simply remove then, so this wouldn't protect anything either...

I knew I was not going mad. A few weeks ago i thought I was hacked but this makes so much more sense. I literally reset everything and have been increasing my security processes to this day 💀. I had the felling it was something related with keychain and I did have motion before so I wouldn’t be surprised if this were it.anyone knows if it also was designed to affect iOS too?

@anantav51

Жыл бұрын

iOS doesn’t work the same way

@Warp3326

Жыл бұрын

There is a version for IOS. But IOS isn't virus proof eather

@definitely-not-daniel

Жыл бұрын

@@Warp3326 oh I definitely. While much more secure it is absolutely not airtight. No system is really. I don’t know what I got but it certainly affected my Mac, iPhone and iPad. Idk what it was but it sure made me a bit paranoid for a while. 💀

i sometimes forget that theojoe was the original troll 10 years ago

I'm surprised Keychain has TOTP key support. Putting passwords and TOTP in the same place is practically asking for trouble.

@joshuapettus6973

Жыл бұрын

Especially in a place that is only protected with something as weak as the system password (Most people type that in constantly so they generally use weak ones). Password manager should use a separate password, which is why people should use Keypass over the OS or built in Browser one.

@neetop1557

Жыл бұрын

@@joshuapettus6973 or even weaker, e.g. your face or fingerprint.

I am a Mac user; I was introduced to them through work. I have had virus protection about twenty five years, originally through work but later through my own efforts. To date I have not suffered a virus, Trojan horse, etc. but I have stayed away from unfamiliar sites. Am I invulnerable? Certainly not.

I need help Ive never done a backup on my macbook pro I bought it is 2016 still runs good but I think I have a virus ? I want to back it up on external drive but if I do so will that infection come back if I restore it to the state as I bought.. Reading comments you all seem to pretty much know all about the Mac I can't find a video that tells this.. in my network settings on win (local) netbios it says the name of my macbook is currently being used, could be wifi I dunno? Anyone?

Based on my understanding this thing doesn't self propagate, so it's not a virus, just your standard malware

Mac user here, never believed mac had no virus, so never lower my guard down. giving this is happening all the time, What your take on EU force apple to allow side loading apps.

@Warp3326

Жыл бұрын

Get a windows PC or get out

The last and only time I got a virus on a Mac was about thirty years ago. I used to buy and use virus software but it seemed so useless I stopped using it. Hopefully I don’t come to regret that. After thirty years of no viruses it’s difficult to start using them.

This thing can also affect every single operating system, every single one. We need something done about this.

ThioJoe how common do you think malware is on Linux distros?

Good job, thanks.

As information for non macOS users: When opening an App that's downloaded from an non Apple source for the first time, macOS will warn that it could be dangerous. When the file itself is trusted by Apple you can just click continue on the warning and the App will run like normal. When the file isn't trusted by Apple macOS won't show the continue button (just cancel and delete buttons) when the file was opened via a double click or a Link from another App. The only way to make the continue button show up is by right clicking the file and clicking open. So that's why the tutorial was there in the installer.

caught this vid in 5 seconds!! Fellow mac users gotta watch out!!

@jim9463

Жыл бұрын

Clicked as soon as I saw it 😂

me randomly feeling the name to download this and put random insults in the password thing:

Help I’m scared,I’m not sure if it’s a scare ware or not,it says “YOU HAVE DOWNLOADED A MAC VIRUS! PRESS OK TO START REMOVAL”

All my head in the clouds Mac friends need to watch this

still beatz staring at windowz it's like 1996 in there! 😳

So, you don't provide any solutions on how to remove this from a mac?

my network and macbook have been hacked by bluetooth global or something as of Sept 15, it has I can't count the plugins I have Exec , or Unix is installed and I want it gone.. My Netbios tell me my computor is being used by someone else, my wifi is all messed up they are in my iphone, turning my bluetooth on

I downloaded Tor a few days ago. What should I do

2:16 I just have to stop here.... AUTOMATIC filling of 2FA codes? That's defeating the whole purpose of 2FA.

@lucaswiese6

Жыл бұрын

We Now need 3FA (3 Factor Authentification)

@volvo09

Жыл бұрын

@@lucaswiese6 then someone will create a 3FA auto filler, all under a single password 😂 Edit: and then they'll wonder why they got hacked.

@lucaswiese6

Жыл бұрын

@@volvo09 no, impossible, the 3rd factor is Face ID using the camera / Touch ID using a finger print sensor

It also follows that the support and developer culture at Apple does not serve as a good model for application or system security foundations. For example, many people assume the eco-system cannot be gamed, but this has happened multiple times. Assuming the Apple Store or the Google store are beacons of integrity and reliability have to be measured relativistically. Technicians are also sadly biased by their perceived success. When all the targets are WIN boxes and not Apple, it gives the appearance of immunity from poorly designed systems and information management platforms. Any box that allows a person to answer the prompt "Go ahead and modify the system in a way that is not transparent or obvious to you? You're going to have to anyway. That last part is the kicker, it is literally the Apple OS and Dev support answers to questions that are outside the scope of any basic technical issue.

I use Webroot Secure Anywhere but also diligently making sure not click on stuff that would do something like this.

This thing is kinda like Redline but Mac edition XD

Could you make a video about securing everything with a level only NERDS would do, and maybe using a USB stick to authenticate yourself?

nice video though. thanks for the info

I was always skeptical about Mac antivirus software but now you convinced me to finally get one Thanks thio

@Warp3326

Жыл бұрын

or dont get a mac lmao

@noahtorocalzado

Жыл бұрын

@@Warp3326 get a pc? bruh, the same virus you will get there lol

When did virus become synonymous with malware? One is not the other and the terms should not be used interchangeably…

Thanks!!!

Cute virus that asks you to type your password 😀

I install a few web downloaded applications on my MacBook Air, but the instant any application asks me to enter my password, I cancel and delete. Not worth the risk if I'm also taking a risk by installing outside of Apple's ecosystem. I hope github stuff remains relatively safe as I do use that a lot, but it's only with very high user count things such as ytdlp, and some retro decompilation items.

@Warp3326

Жыл бұрын

You have a macbook? Oof. I hope you get better!

@Gerenocidiac

Жыл бұрын

@@Warp3326 It serves a purpose. I still have my desktop PC for my primary uses.

Is there anything good that comes out of Telegram?

How long has this malware been out

I'm particularly vulnerable because I use root as my main account so it won't even ask for authentication in the first place, it just "trusts" the app with full privileges.

We use to joke that you didn't see that many virus on MAC because the people who wrote the virus used MAC and they didn't want to get attacked by themselves.

Have you experienced the new KZread adware virus on Mac’s? I have and it sucks I am still trying to resolve the problem.

Never gotten a virus that needs user interaction. The viruses I'm scared of are those you never see, and never need you to make a mistake. But i don't know how many of those that exists.

Thats just the news you want to hear, right after getting yourself a brand spanking new Macbook!

I don’t even have a Mac but I’m still watching. Lol

When looking at that chart, is it really an honest surprise that windows has lost 20% market share since the release of Windows 11?

what's a good mac AV?

❤ i love your vidéo, i have question how do you write your vidéo , i want to know How do you make thé subject , are you using App or display text

Joe also please let people know to turn off auto open files after downloading so if they download something fake it does not not at lest mac has that to help some what

That's a lot of DMG