Ntiva Live: Apple for Business

Mac Security Special with Guest Thomas Reed of Malwarebytes

Episode Overview

In this episode, we feature a special guest, Thomas Reed, Director of Mac & Mobile at Malwarebytes!

Sign Up Today

Complete the form to register for the Ntiva Apple for Business Livestream series. You’ll get an email reminder before each livestream, plus an email with a link to the recording in case you miss any of the live events.

Episode Transcript

Ben:

So for those of you joining us for the first time, either live or watching the recording, this is Ntiva Live: Apple for Business. I'm Ben Greiner, director of Apple technology at Ntiva. With me as always is Chad Calease, our cyber resilience lead. Today, we have a special guest Thomas Reed from Malwarebytes.

Chad:

Hi, Thomas.

Ben:

And Thomas... Hello, Thomas.

Thomas Reed:

Hey. Nice to meet you.

Ben:

Thomas is the director of Mac and Mobile at Malwarebytes and has been for, I believe, six years. Right, Thomas?

Thomas Reed:

Yup. Going on six. Very, very close now.

Ben:

Okay, great. I want to get right into Malwarebytes and just a quick intro here. We typically talk about things that are happening in Apple technology that are relevant, but we knew you were coming on the show. So we want to dedicate as much time as possible to you. I just want to mention, yesterday, my AirPod Pros started acting wonky. I've not been able to fix them. I need to get this off my chest. So I got to share it with everyone.

Chad:

Just like an [inaudible 00:01:22].

Ben:

They've worked flawlessly since I got them. And yesterday they started flipping between left-right, left-right. And they just won't stop left-right. And everything I've read says, well, reset them, which I've done or make sure they're clean, which I have thoroughly cleaned them and cannot find what would be causing the issue. But if anyone has any ideas on how to stop your AirPod Pros from flipping between left and right other than a hard reset, which I've already tried, let me know.

Chad:

And you're not plugged into a mixer. You're not doing a Reggie Watts or any of that?

Ben:

Yeah. No. No, no. Maybe my neighbors hacked me and somehow they're messing with me. I don't know. Thomas, thanks for coming on and joining us.

Chad:

Yeah. Thank you.

Thomas Reed:

Yeah.

Ben:

Just a little bit of background for us. You know, I would say, I've been in the business much like all of us here for at least 20 years. Back in the day, Norton was the only thing I think we had access to as Mac people. And frankly, it was more of an annoyance than anything, the Norton antivirus. And I feel like we finally got to a point over the course of the 2000s where people stopped running that stuff on the Mac. For better or for worse people stopped doing anything on the Mac.

Chad:

It's true. Yeah.

Ben:

Yeah. Then we started to see the landscape change, and I will always struggle, Chad, and I talk about this a lot, struggled... You want to be innovative and in the forefront, but not bleeding edge so that you're causing issues. Right? And you also don't want to be so far behind that you're standing there flat-footed saying, "What am I doing?" So we're always trying to find that balance of being innovative, but we want everything to work. We decided we needed a couple of years ago, a few years ago, actually, that we needed to start exploring endpoint protection for the Mac. And once again, we were...

Chad:

It wasn't a popular opinion.

Ben:

No. It wasn't popular.

Chad:

It's true. It wasn't. It's still not.

Ben:

Yeah.

Chad:

Really, there's a lot of people that are still kind of flat-Earthers. It's tough to shift that perspective.

Ben:

And we did a lot of testing and there was a lot of... You know, well, this looks like it'll work. Let's try it. Oh, this looks like it works. But then later it was causing us issues, whether it was issues that, high CPU usage, unexpected blocking of things. It was basically a drain on our support desk rather than a benefit to our clients and a frustration for our clients. So we kept looking, kept looking, and we ended up with Malwarebytes. I think a big reason for that is Malwarebytes seems to be one of the few pieces on the Apple in an antivirus, anti-malwarebytes ecosystem that was built specifically for Mac. I think that's where you come in. Right?

Thomas Reed:

Yeah.

Chad:

Yeah. It's a great story. You should tell that story, Thomas. Tell us about this SecureMac, and maybe, if you don't mind, because I've never heard it from your perspective either.

Thomas Reed:

Yeah, no problem. So gosh, it's been a long time now. It's probably been at least 10 or 11 years ago that I started the Safe Mac. Initially, it was just a series of blog posts and things.

Chad:

That was a blog. Right?

Thomas Reed:

Yeah. It was a blog about security issues.

Chad:

Yeah. I think I said, SecureMac. Sorry about that.

Thomas Reed:

That's okay. Over time, I started noticing that there was this growing problem of adware. There were people getting infected with adware just left and right. So I started writing guides on the Safe Mac about, how to remove this adware, how to remove that adware, how to figure out what adware you had. That worked for a while. But these adware guys are kind of sneaky. They like doing nasty things, renaming files, that sort of thing. It started getting harder and harder to write the instructions. At the same time, there was this one particular kind called Genio. That was at the time, it was making a change that if you deleted a particular file that was associated with the malware, that your system became unbootable, which was a problem. You know?

Thomas Reed:

So I went through a whole series of iterations of the instructions on how to safely delete this file with big red text saying, don't do this unless you do this first. And people were still writing me angry emails. "I followed your instructions and my system won't boot anymore." At that point I really was starting to realize that-

Ben:

Did they really follow the instructions, Thomas? I'm guessing not.

Thomas Reed:

No. No.

Ben:

Yeah.

Chad:

And Thomas [crosstalk 00:06:32].

Thomas Reed:

I did learn a lot about how to write clear instructions, but I also found that no matter how clearly you write them, somebody is going to misinterpret them. So-

Ben:

Yeah. Yes. We know that from running a support desk. Yes.

Chad:

That's why so many great thinkers, Aristotle, I don't know, even Jesus, a lot of these guys never wrote anything down probably because they knew it was going to get misinterpreted. You know, at least when you're talking, you've got a fighting chance. Right?

Thomas Reed:

That's right. Yup.

Ben:

Yeah.

Thomas Reed:

So because of that, I started seeing that there was a need for some kind of a tool to help people do this removal. My first attempt was just a simple Apple script applet and everything was kind of hard-coded in there. But like I said, the adware was getting a little more sophisticated. It was using a lot of different names, random names, that sort of thing. And so the script was getting longer and longer and more and more unwieldy.

Thomas Reed:

Finally, I wrote Adwaremedic, which was like antivirus software, except it was specifically targeting adware. That really worked and it really took off. And so the next thing I know Malwarebytes is calling and saying, "Hey, we like your software. Apparently, a board member on the Malwarebytes board had a relative who got infected with malware on their Mac and he downloaded Adwaremedic and next thing you know, he was calling the CEO saying, "Hey, check this out." So long story short, I ended up at Malwarebytes and have been there for almost six years now.

Ben:

What were you doing when you were writing, when you're doing your security posting? Were you also consulting at the time, or were you working somewhere else or...?

Thomas Reed:

I was doing a little bit of consulting here and there, but mostly I was a stay-at-home dad at the time. My youngest son was pretty little at the time. My wife works full-time. I've done stay-at-home dad before, and so I was like, "Well, I've got nothing really compelling going on right now. So I'm just going to take this on." And then when he was [crosstalk 00:08:56] in school, in preschool or something, that gave me plenty of time to work on other projects.

Chad:

That's cool.

Ben:

Yeah. Well, how did you get involved or interested in this? Did you study it at some point or what like going back to...?

Thomas Reed:

I have absolutely no formal training in security. It's a funny story the way that I got into security. I was very active on Apple's forums and have been for many years. I've had less time for it lately, but I was very, very active there. I used to be one of the people who would tell people, "Oh no, you don't have to worry about malware. You know, Macs don't get malware." Because I believe that that was true. I knew that there were plenty of viruses back in the pre-OS 10 days. But at that time, I believed all that malware had been wiped out by the upgrade to OS 10 and that we were all good.

Thomas Reed:

Well, finally, somebody asked me some questions that I couldn't answer. And in the search for answers, I actually learned about all the new malware that had appeared since OS 10 had come out. So that really intrigued me and it got me looking even deeper, and next thing you know, it was like a black hole. It just sucked me in and I was hooked.

Ben:

Well, it's interesting that you don't have any formal training in security, and I'm the same way. Chad, would you say you have formal training? I mean...

Chad:

It's very similar. Thomas, when you and I met in LA at Mac tech, is it like a few years ago now?

Thomas Reed:

Yeah, yeah.

Chad:

That was one of the first things we had in common was, we ended up... You know, we have both have these meandering kind of paths to what we were doing. We were both really just trying to help a larger community. In Thomas's case, that's true. In my case, that was true because I had some friends who had lost about almost 5 million of their liquid assets to identity theft in 2007, like mid-early 2007. They reached out to me because I was their most technical pal.

Chad:

I had heard of ID theft, but I had no personal experience with it, and we certainly weren't talking about it. We weren't doing anything to elevate each other's mindset about it. That's my initial efforts and foray. I think I'd always been a hacker type. It never occurred to me to call myself that and it never seemed an attractive title. I always tried to downplay that kind of side of my abilities and stuff, just to be able to relate to people. That was a left turn for me because now I had... You know, it was personal.

Ben:

Yeah. Well, at the risk of irritating everyone who is formerly trained in security, I'll mentioned that Chad and I often say, don't bring a tank to a knife fight. And one of my frustrations with trying to, before Chad and I met, trying to get professional security people involved in the Mac side is that they would bring an army of tanks to a knife fight. I would just be like, "Guys, this is not... This is going to hurt the user sitting in front of the computer. They're not going to be able to get their job done. No one's going to like this. This isn't going to work. Are there any options?" It was always very black and white for them. There weren't really any options.

Ben:

I think that's what I also like about Malwarebytes. Like this stuff has to work in the real world. You can't just tell me it's bulletproof, it's going to protect you, but it's not going to let you get your job done either. I mean, that doesn't work. I don't know what kind of discussions like now that you're sort of inside that world, Thomas, working at a company that is focused on protecting people. By the way, I also took me a while to come to those same conclusions. Like, I don't think... Even Chad was telling me early on, "Oh, this is possible on the Mac." I'm like, "What? No, I don't believe it."

Ben:

But the further down the rabbit hole you go, you realize it is possible. I would say every single time we roll out Malwarebytes to an organization, it doesn't matter if they're the best organization or we know they're not doing best security practices, we will always find something that we did not know was living in that organization. Some of it is just annoying adware, but you don't know what that adware can turn into down the road and the client doesn't even know how it got on there, which is the scary part.

Chad:

Yeah. I think it's important to mention, too, that Thomas's focus on potentially unwanted programs or PUPs as we call them is important because it's a kind of a gateway drug. You know, you might say adware is a gateway drug for worse things. Right? So once you have some PUPs on your system, that just opens us up to greater risks because it's been... I've heard people grumbles and Thomas probably has too that PUPs are kind of testing grounds for what comes later. A lot of those tactics and strategies are appropriated by other groups to iterate on. So it's important to not dismiss them as just nuisances because they can lead to much worse things, and it's taken us some time. We're still working very hard to help folks understand that this isn't going away.

Ben:

Yeah. So Thomas, back to the question of you're now inside a security company, you are. You're director of Mac and Mobile at Malwarebytes. I mean, what was it like taking Adwaremedic and making it work with Malwarebytes, and kind of a follow-up question, what are you seeing today or what are you working on for the future? Three questions.

Thomas Reed:

Yeah. It was really a very interesting experience to go from just being one guy writing a piece of software to having a team of people working on software and managing that.

Chad:

It's cool.

Thomas Reed:

It's a completely different thing. I had a lot of learning to do about how that process works, and all on-the-job training, so to speak. So yeah. At this point, we've got a really great team. They're really writing some high quality code, and we're on the second iteration of the engine. You know, they rewrote it. Originally, when I first came to the company, it was not written in... It was written in what's... I don't even know how to pronounce it anymore. It used to be called REALbasic. It's a rapid application development environment. So it let me write the software really, really fast, which I really liked. So we rewrote it in Objective-C first and now we're in the process of getting a lot of the code converted into Swift.

Ben:

Oh good.

Thomas Reed:

Yeah. Yeah.

Chad:

That's not a small task.

Ben:

So Swift is Apple's native programming language, right?

Thomas Reed:

Yep. Yep.

Ben:

So it's not currently in Swift, but the next iteration will be.

Thomas Reed:

A lot of the UI and other things like that, the core engine I think is still mostly Objective-C.

Ben:

Okay. So there's some Swift pieces in it today.

Thomas Reed:

Yeah, yeah.

Ben:

Yeah. I mean, what are you seeing as far as, because I'm sure... Do you guys have access to the data? I would imagine you do, right?

Thomas Reed:

We do. Yeah.

Chad:

The test [crosstalk 00:17:06]. That's quite a big stuff.

Thomas Reed:

Yeah. We collect anonymized telemetry. So we can see things... Like we don't collect files themselves. I know a lot of antivirus programs if they see a suspicious file, they'll collect it, but we're not doing that. But we do collect things like, where was the file found? What was it called? If it's a file, we collect a hash so that we can potentially find that file somewhere like on Virus Total. A lot of our detections though are folders. You know, because I mean, if we're detecting an app, an app is really a bundle, it's a folder that looks like a file.

Chad:

It's true.

Thomas Reed:

So we don't get hashes for folders, but we do get all this metadata about the malware, what it was and where it was and that sort of thing. We can look at that data and see, okay, well, we're not seeing a whole lot of this particular malware, but good Lord, look at how much we're seeing of this other one. As an example, we worked recently with the folks over at Red Canary on detection of Silver Sparrow. And yeah, I mean, we got so much good data about that malware, and how widespread it was. That was a really great way to learn about it was from the data. One of the neat examples there is, there was a payload that was downloaded by the malware and we knew exactly where the malware saved that payload and what it called it. It had a static file name. So we knew exactly what and where it was. We have not seen one single instance of that payload across tens of thousands of machines that were infected.

Thomas Reed:

So that's kind of an interesting thing that we were able to learn by looking at the data is that this appeared to be more of a past infection, that's dead at this point. And it looked like most of the malware had actually self-removed. So very, very interesting. And then we'll see other things where I think XcodeSpy is one that was recently in the news. We added rules to detect that. As of today, we still have not seen a single instance of that on any system with Malwarebytes installed. So, you never really know how big a threat a piece of malware is, unless you can look at that data.

Ben:

So you're saying some of these things are hitting the news. You're not actually seeing in the wild in some cases.

Thomas Reed:

Right. Right. In some cases, we'll see an article about some new piece of malware. Typically, it's something that maybe the researcher found through a hunt on Virus Total. And so, who knows how that particular piece of malware might have gotten on Virus Total. Maybe it's not even in the wild yet. Maybe it's still in development in what sometimes [crosstalk 00:20:33] these malware developers will do is they'll take their early code and they'll upload it to Virus Total to see if it gets detected by any heuristics engines. So that's the kind of thing you might find, and it's not actually out in the wild yet.

Ben:

I do feel, and this is just a feeling, I have no data around it, but I do feel like the Apple platform is scrutinized at a much higher level than the Windows platform, which is kind of numb to this stuff. Right? I mean, is that fair to say?

Thomas Reed:

Yeah, absolutely. You know, on Windows, if you find a new piece of malware, who cares? I mean, unless it's really, really interesting like doing something that has never been seen before or doing something really groundbreaking, who cares? I mean, yeah, you want to protect against it as a security researcher. You want to know about it, but the general public, they're like, just protect my Windows machine.

Thomas Reed:

On the Mac, every piece of malware is interesting. Every piece is distinct and different. I shouldn't say every piece is interesting because some of them are not, but they are unique. You know, each one is worthy of at least some kind of mention, even the really poorly written ones. Those are interesting just because they're so poorly written.

Ben:

Yeah. Yeah. Are there any that like have been really nasty in recent years that come to mind?

Thomas Reed:

Absolutely. Yeah. So probably the nastiest that I've seen recently is one called... We called it ThiefQuest. We actually initially called it EvilQuest until we found out there was a video game by the same name. Oops.

Ben:

Do you guys get to name these when you find them?

Thomas Reed:

Yeah. Generally, whatever researcher finds them gets to name them. I am notoriously bad at naming malware.

Ben:

But you found some that you've named, and it's... Okay.

Thomas Reed:

Yeah. I found some. So this malware, initially it looked like ransomware because it was a little bit tricky to get it to actually trigger. It wasn't very reliable, but when it did trigger, it wouldn't start encrypting files in your home folder. It would leave a ransom note telling you, "Oh, you've been infected with ransomware" and do all of these other very ransomware like things. But there were some suspicious aspect to it. So first of all, the ransom note, didn't give an email address.

Ben:

How do you pay the ransom?

Thomas Reed:

So you had no way to contact. Well, it did give a Bitcoin address, so you could pay a ransom, but you couldn't contact anyone to get your decryption key. And then additionally, as it was being investigated, it was found that that Bitcoin address was... It was the same across all infections. And that's not typical. Typically, with ransomware, it'll be a unique Bitcoin address so that they can verify that machine is the one that paid on this account, on this particular Bitcoin address.

Thomas Reed:

So there was no way for the folks on the backend to know who had paid. Much less for the people who paid to get in contact and get their decryption key. So it turned out that this thing was what in the Windows world is typically called a Wiper. So all this ransom activity or ransomware activity where it was encrypting files, that was just all smoke and mirrors. It was all a distraction to keep you from noticing that the whole time, it was siphoning data off your system, and it was exfiltrating a huge amount of data.

Ben:

I see. So it was like, Hey, look over here while we steal stuff from the other side.

Thomas Reed:

Yep. Exactly.

Ben:

Interesting.

Thomas Reed:

Very like a magician sleight of hand.

Ben:

Yeah.

Chad:

Very clever.

Ben:

So, obviously, Macs can be infected with ransomware, right?

Chad:

Yeah.

Ben:

I mean, this is something that I don't know. I don't know if people fully comprehend despite the fact that we have said that repeatedly. It is technically possible.

Chad:

Not until it happens.

Ben:

Yeah.

Chad:

And then we can have those conversations, but like you said, it's really easy to hang on to the past and what we believed before. It's really challenging for us to shift our perspectives.

Ben:

And Malwarebytes has both a paid version, which we use with our clients and a free version. Right? You still have a free version.

Thomas Reed:

Yep. Absolutely.

Ben:

And for anyone listening or wants to download it and try it on their machine, the only, I think, correct me, the only limitation is you just have to manually run it. Is that how that works?

Thomas Reed:

Right. Right. Yeah. The free version lets you do manual scans only, but you can do as many manual scans as you want. You can remove all the malware that you want. There's no limitation on it. So what you're really missing there is the scheduled scans and the real-time protection.

Ben:

Yeah. And the reporting.

Chad:

Very nice transition. Yeah. The reporting. Yeah. Sorry. I was going to say, that's got to feel really great, Thomas, to have started out building this tool that was valuable to people right away, without any commitment, without any obligation, just some value. We were transmitting into something larger than yourself and to see that evolve into... You know, I still I get reports from the pals and family members of pals who said, Oh, I downloaded Malwarebytes and found all this stuff and it's always Malwarebytes. Somehow that has transmitted, translated into this next part of your adventure with Malwarebytes. That's got to feel pretty great.

Thomas Reed:

Yeah. Yeah. It's interesting. My story is very similar to the story of Marcin, our CEO, same thing except on Windows. Actually, in his case, he infected the family computer and went looking for solutions. [crosstalk 00:27:38] Realized how sucky the solutions were.

Chad:

And clean up.

Thomas Reed:

Yeah.

Chad:

For real.

Thomas Reed:

Yeah. That's how the company started. So it's got this core value of really wanting to help people, and this belief that you don't charge for that just for removing the malware. We charge for prevention, but not for the remediation part.

Ben:

Yeah. I want to repeat something or say it better is why we chose Malwarebytes is not only how well it runs on the Mac, sort of the low overhead that it brings to the Mac, but it's very easy for us to centrally deploy to an organization very quickly. It's also easy for us to remove when there are reasons for terminations or decommissioning a computer. I can't say that for all the anti-malware out there. Some of those solutions are so difficult to remove even when you're the administrator of a machine.

Thomas Reed:

Yeah.

Chad:

It's friendly even in training sessions with folks. It's intuitive, it's much more compatible with a diverse audience, and I'm grateful for that now pretty much every day.

Chad:

Good.

Ben:

We have a couple of comments. One is it was recommended that I return my AirPods. Thank you for that comment.

Chad:

That's superb.

Ben:

They might be beyond warranty, but maybe not. I need to check that. And then question, where can we find the download for Malwarebytes? I assume, I haven't done this in a while, but I'm going to go malwarebytes, B-Y-T-E-S.com and probably under personal. Is that maybe right?

Thomas Reed:

Yeah. If you're looking for the Mac solution, you just do malwarebytes.com/mac. That will get you straight there.

Ben:

Oh, okay. Let's do that. Malwarebytes.com/mac.

Thomas Reed:

Yep. But yeah, if you're just browsing, it would be under personal.

Ben:

Free download right here, malwarebytes.com/mac free download, and then pricing if you want to get either personal or business.

Chad:

It's great. If you're concerned that you have something, if you're concerned that maybe your Mac is running slow, or it's doing things that are out of the ordinary and you're not running any end point or anti-malware antivirus or whatever you prefer to call it. This is a great starting point, just to get an idea of like, if it is indeed a lot of these potentially unwanted programs and clean that up.

Thomas Reed:

Yeah.

Ben:

It would just run for 14 days before it goes into manual mode.

Thomas Reed:

Yeah. It gives you a little taste of the protection before going to just free mode. A lot of folks will say, Oh yeah, our antivirus program is bulletproof, it's perfect, it'll catch anything.

Ben:

Don't believe that.

Thomas Reed:

It's never true. You know? So I always tell people, if you really do believe you're infected and you run Malwarebytes and it doesn't catch anything, contact our support. Maybe you do have something that we just don't know about yet, and we want to learn about it.

Ben:

I have noticed, and this is not unique to Malwarebytes, it's across all apps, all of these types of programs. Sometimes it can find it and fix it, remediate it. Other times you have to go in and do some extra steps because it's so embedded in there. You can't rip it out.

Chad:

That's true.

Thomas Reed:

Yeah. It's stuff like changing the browser settings or ripping out those nasty configuration profiles that lock your browser settings. You know, Apple, doesn't give you an API for pulling those out, so we can't do it. Stuff like that. Yeah, it's unfortunate, but there's some manual work needed to fix those settings.

Ben:

Well, I know we're technically out of time, but I'm going to ask you one more question, if you have time, Thomas-

Thomas Reed:

Absolutely. Yeah.

Ben:

... which is director of Mac, we understand that, and Mobile. Yeah. So what exactly does that mean in your world, Mobile?

Thomas Reed:

That means that I'm also now directing the development of our mobile products, as well as our Mac products.

Ben:

Would I see them online here?

Thomas Reed:

Yeah. Honestly, I think they're under personal, but yeah, you-

Ben:

Mobile.

Thomas Reed:

Yes, mobile. There you go. So we have an Android app that's basically an antivirus and we have an iOS app, which of course is not because that's not possible on iOS. It does other security related things. And then we also have a VPN, a privacy app, and we've got done on Mac and it's coming soon for iOS and Android. So I'm watching over all of those things. For my role, basically, knowing what the customer's looking for and what we want to deliver, that's really the important part. I'm not really doing any development at this point. I'm just directing, here's what we need to do next, and let the development team figure out the how of how to do it.

Ben:

Yeah. iOS is a completely different beast compared to Mac OS. I mean, as far as the code base, and of course, what Apple allows anyone to do on the devices, both good and bad, I mean it definitely keeps things out, but it also prevents clients or organizations like you from doing some things to protect the end user.

Ben:

I mean, I don't know about you guys, but I'm getting hit almost daily with text messages that I know are not legit, like right into the trash, but what are they... When they're sending those links, do you have any idea? Are they betting that you're or hoping you're on an Android device or do those links also do harm on iPhones, you think?

Thomas Reed:

A lot of times those links are not actually trying to deliver malware. They're trying to deliver a phishing link.

Ben:

Oh, into your login?

Thomas Reed:

Right. So something where they can collect your credentials or collect some personal information about you or something like that, or it may just be an ad. So if you click the link, then, Oh, look, you just clicked on this advertising link, and somebody now out there gets paid under an affiliate program.

Chad:

Yes, somebody got paid. Yeah.

Thomas Reed:

But there is a subset of those messages that do sometimes have a zero click vulnerability bug that they're exploiting, and those are fairly rare. They typically happen with targeted individuals. So if you're a journalism and you... A journalist, I should say.

Chad:

Sure.

Thomas Reed:

If you are a journalist and you are really critical of some oppressive regime somewhere, and you get a weird text message, you could very well be infected because of that, just by receiving that message. That's because these vulnerabilities exist. It's really impossible to ever get rid of all such vulnerabilities in any system. So they exist on iOS. You can get infected, but when you do, there's nothing that you can do to detect it or to remove it other than just wipe your device clean and go back to factory settings and that's it.

Ben:

Yeah. On the iPhone.

Thomas Reed:

Yeah.

Ben:

Do you remember a few years ago, maybe several years ago now, I have no idea. Time in the pandemic is lost on me, but there was some text, a string of texts that if you sent to an iPhone user, it would do something to the iPhone. I can't remember exactly the details of it, but I remember it went through my kid's high school. I heard about it from them.

Thomas Reed:

Right.

Ben:

Yeah. When they first told me about it, I was like, "Really? I don't know if I believe that." It was real. It was real.

Thomas Reed:

Yeah. Oh yeah. There have been several of those. What they do is they usually crash the phone or the app, depending on what the bug is, but yeah, the particularly nasty ones that I have seen, if you receive it, as soon as it's displayed on the screen, so like, if you open your messages app and then the whole phone crashes, and then when you start it back up again, then if it tries to display that message again, you can get into a whole crashing loop. If it's showing in a notification that then loads again, when you reboot. There've been cases where people have gotten locked into these reboot cycles and basically couldn't do anything. They had to, I think, restore their phones just because of a string of characters in a text message.

Chad:

And then games. Yeah.

Ben:

Fun and games for kids sitting around watching their classmates' phones crash in-between class.

Chad:

There's a lesson in [inaudible 00:37:39].

Ben:

Yeah, I could see there's some fun there probably.

Chad:

Yeah. Hey, this has been fantastic, Thomas. Thank you.

Ben:

Yeah. Thank you for joining us. I really appreciate it.

Chad:

Thank you so much.

Thomas Reed:

No problem. No problem.

Ben:

Yeah. We're going to have this on our website in a couple of days. I don't think I mentioned today. I would normally mention the day. Today is Tuesday, April 6th. So that's the day today. We'll have this posted soon. Thomas, I really appreciate everything you've done for the community.

Chad:

Yes. Thank you, Thomas.

Ben:

The products at Malwarebytes, we use it. We recommend it. If you're not running it, either ask your company what they're doing to protect you or help protect you. This is just one layer of many layers that you need these days for protection. If you have a personal computer, yeah, go download it and just run it and see if it finds anything and have it available when you need to run it manually. Certainly won't it won't hurt anything to do that. Okay. We'll see you in a couple of weeks, Chad. Thanks again, Thomas. Have a great day.

About the Ntiva Apple for Business Livestream

Ntiva’s Ben Greiner and Chad Calease host the Ntiva Apple for Business livestream every other Tuesday from 12:00 to 12:30pm CT. These live events, presented by the Ntiva team of Apple experts, are sharply focused, easily digestible, and cover topics including the latest Apple/macOS/iOS technology updates, cybersecurity, data privacy, MDM and BYOD policies, and more! We take questions from the audience and share what's working—and not working—for us and others in the industry.

VIEW MORE LIVESTREAMS