Safe browsing apps can be great tools for proactive web defense
Some of us are old enough to remember a time when one could say with a decent degree of confidence that Apple computers were near “impervious” to malware. But, of course, times change and today there are plenty of Apple infiltrators. In fact, Apple’s new M1 processor has already been targeted by something called GoSearch22, an adware malware that hijacks your browser search results – possibly steals data – and injects, naturally, advertising.
As with many other pieces of malware, it comes with free online software. Also interesting for Mac fans was the discovery in the waning days of February of something researchers are calling “Silver Sparrow.” It’s been detected so far in 153 countries with the U.S., Canada, Germany, France, and the UK at the top of the list of infections. Around 30,000 Macs have been found to contain Silver Sparrow; which so far is an interesting mystery. Experts at security firms haven’t yet been able to discover exactly what Silver Sparrow does or what its evil motive is. There are two different types – one that works on the aforementioned M1 and another for computers that run on Intel chips.
It’s highly likely someone will soon discover Silver Sparrow’s intent, and it’s a fair guess that the intent will be similar to GoSearch22 – another hijacker and spam invader. And we’re not done. Yet another Apple attacker was discovered riding in the M1 chip by security researcher Patrick Wardle. Tom’s Guide quotes from a recent blog post by Wardle: “I figured it would make sense that (eventually) we’d see malware built to execute natively on Apple new M1 systems … Malware authors have now joined the ranks of developers (re)compiling their code to ARM64 to gain natively binary compatibility with Apple’s latest hardware.”
Many are praising the speed of the M1 silicon chip made “in-house” by Apple, but it’s more than a little disconcerting that three different types of malware have been detected since the M1 line was released less than a year ago. For both Apple and non-Apple users, another surprise of late was the suspension of the Great Suspender. The extension was beloved by a good number of folks who found it as a great way of keeping a ridiculous number of tabs open while not using up memory…the extension “suspended” the tabs. But Google sent out a message on the 5th of February saying the add-on has ulterior motives and was to be removed as a Chrome extension. Microsoft Edge has likewise blocked the Great Suspender as an extension.
It’s enough to make you want to let out a weary sigh. Most of us who use the web are savvy enough to know not to click on suspicious-looking links or download fishy attachments. Most of us also have installed anti-spyware and virus protection, but often these defenses seem “after-the-fact.” It’s nice to know that something was malware but it would be nicer if you’d never downloaded it in the first place.
It’s worth your time to research and choose a security and anti-phishing protection app, a safe browsing apps that catches stuff before it reaches you. Safe browsing apps provide a website safety check that includes features such as scanning apps and files, protecting Wi-Fi networks, blocking “adult content,” and more. It’s “real-time” malware and anti-phishing protection – a much more proactive approach to defense. With a safe browsing app, when you go to a site, the app runs a safety check on the URL – accesses websites based on machine learning algorithms – and then matches it to a massive database. If suspicious, you are quickly informed and ushered back to safety before any damage is done. These apps work with all major browsers and also scan your network for hijackers and flag suspicious apps. But do your research.
With even something as trusted as the Great Suspender turning out to be yet another Trojan Horse, it’s probably a good idea to add a further level of security to your browsing by downloading a safe browsing app. Some are turning to VPNs and using more secure browsers, and both are good ideas, but adding an additional level of protection seems like a good idea, and considering many of safe browsing apps are free, they are worth trialing. Don’t forget that creating strong passwords is something to take seriously. Adding an exclamation point to the end of a password doesn’t count for much. Deep learning machines are getting much better at cracking passwords, so make them random, long, and change them somewhat regularly. This XKCD comic illustrates how you can make up hard, but easy-to-remember passwords. Also, stop ignoring the reminders to use two-step authentication, it’s more than a good idea. It’s unfortunate that there are so many bugs and bots out there, but, like STDs, they’re a fact of life and it’s up to you to use protection.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.