MacHow2 uses affiliate links. Please check our Advertising Disclosure for more info.

Following closely after the recent discovery of security holes in High Sierra, a security researcher has discovered new malware targeting the DNS settings on Macs.

Details of the malware called OSX/MaMi were posted on the Objective-See website and shows how the malware changes the DNS settings of your Mac’s internet connection to

Other potential malicious things MaMi can do are take screenshots, hijack mouse movements or trackpads, download/upload files and execute files.

It’s not yet clear how it’s being spread but is suspected to be from malicious emails or fake security ad popups.

To check if you’ve been affected by MaMi, follow these instructions:

  1. Go to the Apple logo in the top left corner of your Mac’s screen and select System Preferences…
  2. Select Network:mami malware - mac system preferences network
  3. Select Advanced: mami malware - mac network settings advanced
  4. Select the DNS tab at the top and then look for anything strange in your DNS settings and particularly make sure that the numbers do not appear in the DNS Server box.mami malware mac - dns settings check

At the moment, there are no anti-virus software for Mac that can detect MaMi. However, there are various tools that can detect and block MaMi.

You can download a special tool called LuLu (currently in Alpha version) created by Patrick Wardle at Objective-See can block the MaMi malware from infecting your Mac. LuLu prevents unauthorized outgoing connections make from your Mac so that it prevents MaMi from being able to hijack your internet connection. mami malware mac - lulu utility

You can also use the free trial of network monitoring utility Little Snitch which does a similar job of managing incoming and outgoing connections on your Mac although it’s only free for 30 days.

Another option is the Beta version of DetectX Swift which is free to download and can detect malware on your Mac including OSX/MaMi.

MaMi malware mac - DetectX Swift

We also recommend running Malwarebytes for Mac. Although it hasn’t been updated yet to detect MaMi, it will be one of the first to do so and is definitely worth running now and then anyway to check for other malware.

You can find a range of other tools which can protect you from similar unauthorized network hijacking in our look at the best network monitoring software for Mac.

In the meantime make sure you don’t click on any suspicious emails or unusual pop-up ads that claim your Mac is infected.

If you think you’ve been infected by MaMi or are having problems removing it, let us know in the comments below.

About The Author


MacHow2 is devoted to helping you get the most of of your Mac. We're passionate about all things Mac whether it's helping users with software recommendations or solving technical problems. If you've got any comments about this article, get involved by leaving a comment below. You can also contact us directly using the contact form at the top of the site. Please note that in the interests of transparency, MacHow2 may sometimes receive compensation from link clicks or vendors.

2 Responses

  1. smayer97

    Thanks for the info. Good stuff…You should also let readers know that LuLu is still in alpha development and Little Snitch is shareware, free to try but it is not free; t requires a paid license.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to MacHow2!

Sign up to get reviews, tutorials and special offers on Mac software!