MaMi Mac malware and DNS

I was reading about some new Mac malware called MaMi which essentially hijacks DNS requests by changing the DNS settings on your Mac and then sending you to places you don’t want to go.

These are the DNS server settings, like 8.8.8.8, which sends DNS requests to Google, which in turn directs your Mac to the appropriate site.

The reason I mention this, and I tend to mention it every time DNS hijacking shows up, is that there is an easy way to prevent the attack from being successful even if you get infected with the malware.

Assuming you have a firewall/router that can block direct DNS requests to the internet, you should be able to simply create a rule that drops any direct requests to a malicious DNS server. In this case the malware is attempting to send those requests to 82.163.143.135 and 82.163.142.137.

Most firewall/routers can actually proxy the DNS request for you without having your Mac send them directly to the internet. For example, your firewall might have an internal IP address of 192.168.1.1. In this scenario, your DNS settings on your Mac would be 192.168.1.1 instead of something like 8.8.8.8 which would send the requests directly to Google for resolving.

Log event of firewall rule blocking direct DNS requests to Google (8.8.8.8).

In this case, we have an Android device that is most likely hard coded to use Google DNS (obviously since it’s Android) and trying to contact the Google DNS server directly instead of being proxied by the firewall. If it had been malicious, then the request would have been blocked.
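A quick way to confirm which resolvers a Mac is actually configured to use, as an added example that is not from the original post: it parses `scutil --dns` output and flags the two MaMi servers named above plus anything that is not the router. The sample output is constructed, and 192.168.1.1 is the example router address from the post.

```python
import ipaddress
import re
import subprocess

# Resolver the Mac should use: the firewall/router address from the post.
ALLOWED = {"192.168.1.1"}
# DNS servers the post attributes to MaMi.
MAMI = {"82.163.143.135", "82.163.142.137"}

# Constructed sample of `scutil --dns` output (fallback when not on macOS).
SAMPLE = """\
resolver #1
  nameserver[0] : 82.163.143.135
  nameserver[1] : 82.163.142.137

resolver #2
  nameserver[0] : 192.168.1.1
  nameserver[1] : 8.8.8.8

resolver #3
  domain   : local
  options  : mdns
"""

NS_LINE = re.compile(r"^\s*nameserver\[\d+\]\s*:\s*(\S+)\s*$")

def audit_resolvers(scutil_text, allowed=ALLOWED):
    """Return sorted (address, verdict) pairs for every configured nameserver."""
    findings = {}
    for line in scutil_text.splitlines():
        m = NS_LINE.match(line)
        if not m:
            continue
        raw = m.group(1).split("%")[0]  # drop an IPv6 scope id such as %en0
        try:
            addr = str(ipaddress.ip_address(raw))
        except ValueError:
            continue  # not an IP literal; ignore the line
        verdict = "MAMI" if addr in MAMI else "ok" if addr in allowed else "unexpected"
        findings[addr] = verdict
    return sorted(findings.items())

if __name__ == "__main__":
    try:
        text = subprocess.run(["scutil", "--dns"], capture_output=True, text=True, check=True).stdout
    except (OSError, subprocess.CalledProcessError):
        text = SAMPLE
    for addr, verdict in audit_resolvers(text):
        print(f"{verdict:10} {addr}")
```

With the router proxying DNS, every line should read `ok`; an `unexpected` entry such as 8.8.8.8 is exactly the kind of direct request the firewall rule would drop.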

Back to the interwebs

After a several month hiatus to tackle a rather large project, posting and podcasting will be back soon.

And I think I might just switch exclusively to video podcasting because it just seems cooler for some reason.

Stay tuned…

Cryptocurrency Mining

So I thought I would throw this out there if you have wondered what it was like to “mine” a cryptocurrency.

If you’re thinking about mining Bitcoin at home, that ship sailed a long time ago. However, you can still mine some of the other popular coins like Ethereum and also lesser known coins.

If you have a spare PC or two laying around with some decent hard drive space and not too old GPUs, you can still have a bit of fun mining at home.

Not to get into the details, but if you have some GPUs from old gaming rigs or whatever that you aren’t using you can do dual mining for Ethereum and Decred (I hadn’t heard of that one either) on the same GPU.

If you don’t happen to have any GPUs laying around or you use them for actual gaming but you do have a bunch of old drives laying around, you can actually mine with hard drive space now.

Burstcoin uses spare hard drive space to generate coins (instead of GPU or CPU) so if you have a few hundred spare gigabytes laying around give that one a try.

I’m not saying you will make money, but it’s interesting regardless and you’ll have a better understanding of what the whole cryptocurrency craze is all about.

LogDNA Cloud Logging

A while back I was using the cloud logging solution Loggly and it’s a great solution; however, the $80/month was getting a bit tiresome.

I ran across another cloud logging solution called LogDNA which does many of the same things just much cheaper. Currently it is costing me $1.25/month for the “Birch” plan.

The plan does all the usual things like searching, alerting and archiving to S3. Alerting is the primary feature for me since I’m also logging to Splunk locally for redundancy.

If you’re hosting your own servers, websites, etc., then LogDNA is a great solution that doesn’t cost a lot. And for the sake of baby Jesus, set up alerting for things like logins and such. You’ll be glad you did.

Check it out.

iPhone X… yeah, I got one… and more

For all my talking about how I wasn’t going to pay a grand for an iPhone X, yeah, that lasted all of a month after launch before I bought one.

Admittedly, it is the nicest version yet of the Apple iPhone. And using an iPhone 6s Plus with the Home button now seems annoying and archaic.

The iPhone X is so nice I feel super guilty for covering up its beauty with a case, but I know if I don’t it will be covered in scratches ruining its pristine loveliness.

And the notch, yeah, you don’t even notice after about five minutes.

And doing my part in keeping one of the world’s richest companies solvent, I purchased a new Apple Watch Series 3 and AirPods.

I love the new Series 3 with LTE so much that I often go without my phone… you know, the one I just paid $1000 for.

And the AirPods… if anyone is wondering… yes, you can put them through the wash and they still work.

You’re welcome Apple.