Macs are engineered from the ground up to be hostile to programs from unknown developers — but what if a piece of malware could slip into MacOS undetected? If a virus were disguised as an Apple-approved program, could it make it past the computer’s defenses? As it turns out, this is the easiest way to infect an otherwise safe computer.

Tarmac malware lets spam take flight on your Mac

A new type of malware is spreading to Macs across the world — and most people don’t even know it’s a virus. It masquerades as a common download, making it easy for the program to slip through Apple’s security measures. If you’ve noticed your Mac acting funky in recent days, here’s why you might want to run a scan. According to new reports from security researchers at Confiant, a new form of malware is making an appearance on Macs found in the U.S., Italy and Japan. The malware, dubbed “Tarmac,” is actually a companion malware to an older program called Shlayer — which was also discovered and reported by Confiant. Together, the two viruses work to fill the infected computer with spam advertisements that generate loads of cash for the cybercriminals behind the infection. Confiant discovered Tarmac as a form of “malvertisements,” or malicious ads. When the ad loads on a webpage, it automatically forces the browser to download a piece of software disguised as an update to Adobe Flash Player. Usually, the malvertisement will claim this program must be installed for users to view the webpage or video they’re trying to watch. This is often enough to trick most people into loading the program, which then connects to a central server and relays private information back to the criminals. Strangely, the phony Flash Player file contains a legitimate Apple developer certification. All programs that are downloadable from Apple’s Mac App Store feature this certification, and any Apple developer can acquire the license for $99. This means whoever created the malware was smart enough to disguise their intentions to Apple — which helps the malware get past any security measures the user may have in place.

Do I have Tarmac on my computer? How can I get rid of it?

Fortunately, Confiant discovered Tarmac’s central command server is currently offline, so the only thing the program is capable of doing now is spying on users. It’s unknown what the full capabilities of Tarmac will be once the server goes live, so it’s better to tread cautiously and protect your computer immediately. So what can you do to stay safe? As always, avoid unusual download links, emails and messages. This program does tend to be served through ads that trick users into downloading, which are commonly found on adult websites, so avoiding that kind of content is a surefire way to steer clear of malicious advertisements. If you believe you’ve been infected by Tarmac, or simply want to scan your computer to be safe, investing in anti-malware software for Mac would be your best choice. There are free options available, like Avast, as well as premium paid software like Kaspersky Internet Security. Both programs are capable of in-depth scanning and malware removal, and are essential tools for any Mac user on the web today. Click or tap here to see Komando.com’s take on the best antivirus software for Macs.