contador Skip to content

OSX / MaMi: the new dangerous malware on Mac

The malware are less common on the operating system on Apple computers than on Windows PCs. However, viruses do exist under macOS, and they should not be taken lightly. The latest is called OSX / MaMi.

The Domain Name System (DNS) is a service that makes it possible to translate a domain name into associated data of different kinds. In a simple way, the DNS makes it possible to determine the domain name associated with a given IP address. OSX / MaMi malware attacks this system by changing the DNS addresses used by Apple computers. This is done by installing a root certificate.

Once the Mac is infested, a hacker can access sensitive data by attacks from the middle man (HDM). It can actually get the user credentials from the computer or launch advertising spam while browsing in order to make money. The hacker will even be able to take screenshots and recover files.

How do you know if your Mac is infested? See you in System Preferences> Network> Advanced> DNS. If the IP addresses 82.163.143.135 and 82.163.142.137 appear, your machine is infected with malware. Installation of the LuLu tool is then necessary to block unwanted connections. Small precision, the antiviruses are not all capable of detecting OSX / MaMi.