Mac App Electrum Wallet With Backdoor Spotted in Wild

An Electrum wallet with a backdoor has been spotted in the wild by ConfiantIntel. They noticed that it’s another example of a piece of malware notarized by Apple. Link to tweet thread below.

These fake wallets were introduced during a Malvertising attack our security team discovered early this week, involving the hacking of a Major SSP. The hackers redirected the victims to https://electrum-4.github[.]io/ asking them to install an update of the electrum wallet.

In a separate tweet, it looks like one of Patrick Wardle’s tools can detect it.

Satechi Releases USB-C Multi-Port Adapter

Satechi announced on Thursday the launch of a USB-C multi-port dock. It has USB-C PD charging, HDMI and VGA display ports, USB-A data ports, SD card slots, and Gigabit Ethernet, with two detachable USB-C cables – perfect for on-the-go or docked at your desk. Compatible devices include: 2020/2019/2018/2017/2016 MacBook Pro, 2020/2018 MacBook Air, 2020/2018 iPad Pro, 2019/2017 iMac, iMac Pro, 2015/2016/2017 MacBook, Microsoft Surface Laptop 3/Surface Pro 7/Go, Google PixelBook Go, ChromeBook, Samsung Galaxy Tab Pro S, HP Spectre Convertible, Razer Blade, Huawei Matebook and more USB-C devices. It costs US$99.99 but with the code MULTIPORT20 you can get 20% off. Valid until March 15.

M1 Support Coming to Open Source Email Client ‘Thunderbird’

In the latest beta version of Thunderbird the company added a welcome surprise in the notes: Future support for Apple’s M1 Macs. These notes apply to Thunderbird version 87 beta 1 released February 26, 2021. What’s New: Native support for macOS devices built with Apple Silicon CPUs; New user interface for adding attachments; Clicking on an already-selected pill in the recipient list will now allow editing the address; Copying a large message to an IMAP server would sometimes prematurely display a time-out error; OpenPGP: Messages with a high compression ratio (over 10x) could not be decrypted; and other fixes and improvements.

Run Virtual Machines on M1 Macs With ‘UTM’

UTM is an app I recently discovered that lets you run virtual machines on M1 Macs. It uses Apple’s Hypervisor virtualization framework to run ARM64 operating systems on Apple Silicon at near native speeds. On Intel Macs, x86/x64 operating system can be virtualized. In addition, lower performance emulation is available to run x86/x64 on Apple Silicon as well as ARM64 on Intel. For developers and enthusiasts, there are dozens of other emulated processors as well including: ARM32, MIPS, PPC, and RISC-V. Under the hood of UTM is QEMU, a decades old, free and open source emulation software that is widely used and actively maintained. While QEMU is powerful, it can be difficult to set up and configure with its plethora of command line options and flags. UTM is designed to give users the flexibility of QEMU without the steep learning curve that comes with it. Mac App Store Link

Firefox 86 Introduces ‘Total Cookie Protection’ Privacy Feature

Firefox 86, introduced recently by Mozilla, adds a new privacy feature called Total Cookie Protection.

Total Cookie Protection works by maintaining a separate “cookie jar” for each website you visit. Any time a website, or third-party content embedded in a website, deposits a cookie in your browser, that cookie is confined to the cookie jar assigned to that website, such that it is not allowed to be shared with any other website.

Mysterious ‘Silver Sparrow’ Malware Confuses Researchers

Over the weekend we got news of a mysterious piece of malware called Silver Sparrow. It has infected 30,000 machines so far and there is a version of it built for M1 Macs. But security researchers can’t figure out its purpose.

Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown. The lack of a final payload suggests that the malware may spring into action once an unknown condition is met.

Chrome OS Passes macOS to Become Second Most Popular Desktop OS

New data shows that Chrome OS has overtaken macOS to become the second most popular desktop OS. Chrome OS rose from 6.4% in 2019 to 10.8% in 2020.

Despite the fact that macOS landed in third, viewing this as an example of Google beating out Apple directly might not be accurate. Rather, it’s likely that Chrome OS has been primarily pulling sales and market share away from Windows at the low end of the market. Mac market share actually grew from 6.7 percent in 2019 to 7.5 percent in 2020.

Password Manager Bitwarden Adds Touch ID to Browser Extension

Password manager Bitwarden announced the addition of a couple of new features. One feature adds support for Touch ID and Windows Hello to its browser extensions.

Browser extensions will now be able to access this authentication inside the Desktop application. This allows a more streamlined integration with hardware that does not require a unique browser-level integration. Biometric authentication requires macOS users to download the Mac App Store version.

Buffer Overflow Bug Found in SUDO Dubbed ‘Baron Samedit’

Tracked as CVE-2021-3156, a heap overflow bug found in sudo and dubbed “Baron Samedit” has been found recently. It allows an unprivileged user to gain root privileges on a vulnerable machine using a default sudo configuration.

The vulnerability itself has been hiding in plain sight for nearly 10 years. It was introduced in July 2011 (commit 8255ed69) and affects all legacy versions from 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1 in their default configuration.

2020-02-03: Looks like macOS is affected after all.

WIN an iPhone 16 Pro Max!