mami mac malware cover

How To Check & Block MaMi DNS Malware On Mac

Nick Mead
How To
2

Following closely after the recent discovery of security holes in High Sierra, a security researcher has discovered new malware targeting the DNS settings on Macs.

Details of the malware called OSX/MaMi were posted on the Objective-See website and shows how the malware changes the DNS settings of your Mac’s internet connection to 82.163.143.135 and 82.163.142.137 meaning the hijackers can re-route your internet traffic, steal sensitive information or inject ads. You can actually download and install the malware from the Objective-See website although we obviously don’t recommend it. 

The Hacker News reports that the DNS Hijacker malware can even install a root certificate to allow it to intercept encrypted communications as well. Other potential malicious things MaMi can do are take screenshots, hijack mouse movements or trackpads, download/upload files and execute files.

It’s not yet clear how it’s being spread but is suspected to be from malicious emails or fake security ad popups.

To check if you’ve been affected by MaMi, follow these instructions:

  1. Go to the Apple logo in the top left corner of your Mac’s screen and select System Preferences…
  2. Select Network:mami malware - mac system preferences network
  3. Select Advanced: mami malware - mac network settings advanced
  4. Select the DNS tab at the top and then look for anything strange in your DNS settings and particularly make sure that the numbers 82.163.143.135 and 82.163.142.137 do not appear in the DNS Server box.mami malware mac - dns settings check

At the moment, there are no anti-virus software for Mac that can detect MaMi. However, there are various tools that can detect and block MaMi.

You can download a special tool called LuLu (currently in Alpha version) created by Patrick Wardle at Objective-See can block the MaMi malware from infecting your Mac. LuLu prevents unauthorized outgoing connections make from your Mac so that it prevents MaMi from being able to hijack your internet connection. mami malware mac - lulu utility

You can also use the free trial of network monitoring utility Little Snitch which does a similar job of managing incoming and outgoing connections on your Mac although it’s only free for 30 days.

Another option is the Beta version of DetectX Swift which is free to download and can detect malware on your Mac including OSX/MaMi.

MaMi malware mac - DetectX Swift

We also recommend running Malwarebytes for Mac. Although it hasn’t been updated yet to detect MaMi, it will be one of the first to do so and is definitely worth running now and then anyway to check for other malware.

You can find a range of other tools which can protect you from similar unauthorized network hijacking in our look at the best network monitoring software for Mac.

In the meantime make sure you don’t click on any suspicious emails or unusual pop-up ads that claim your Mac is infected.

If you think you’ve been infected by MaMi or are having problems removing it, let us know in the comments below.

Discover more from MacHow2

Subscribe to get the latest posts sent to your email.

Avatar photo
Nick Mead
Nick founded MacHow2 in 2013 and has a bachelor's degree in Journalism. Nick started life as a tech journalist and created MacHow2 mainly to help users like himself that had switched from Windows to macOS (and never looked back). Since then the site has evolved into one of the biggest independent online resources for Mac users new and old. You can follow him on X or get in touch via email below or the contact form at the top of the site.

2 Responses

  1. Thanks for the info. Good stuff…You should also let readers know that LuLu is still in alpha development and Little Snitch is shareware, free to try but it is not free; t requires a paid license.

    Reply

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

error:

Discover more from MacHow2

Subscribe now to keep reading and get access to the full archive.

Continue reading