Blog

All that glitters is not gold

In February 2019, security experts from Trend Micro published an article about a new variety of malware. This particular attempt gained additional attention because it was the first time that cybercriminals tried to run an .exe file (Windows executable) on macOS. To achieve this, they included a Mono framework which allows the execution of Microsoft .NET applications on macOS.

Unfortunately, many articles on this topic could give the wrong impression that Little Snitch itself was infected by this malware. Therefore, we want to clarify that Little Snitch has not been compromised at all in this attack.

The criminals just programmed their own malware, named it Little_Snitch_583_MAC_OS_X.zip and released it on some torrent networks. The good reputation of Little Snitch was misused to lure Mac users into installing malicious software on their computer. Apart from the name, this software has nothing in common with Little Snitch.

Unfortunately, it is a widely used ploy to misuse the name of a well-known and trusted brand to gain access to private user data. The good news is that there are a few simple and effective rules how to protect yourself from this kind of threat. The most important one:

Don’t download software from shady websites.

You have to keep in mind that nearly every time you go looking for cracked software, you will get malware. And often, like in this case, it’s just the malware, even without the desired product you were looking for.

Of course we are not amused that the good name of Little Snitch was abused, but we also see it as proof of our product’s popularity and reputation. Also, we are proud that we can assure you that there was no breach of the integrity and security of Little Snitch at any point. Quite the contrary, Little Snitch helps you to keep your data safe from this kind of malware.

So, to sum this up: If you want to get Little Snitch when downloading something named “Little Snitch” — download it from our website.

About the Issues with Code Signing Checks in Little Snitch

A security vulnerability was recently disclosed by Josh Pitts, a security researcher at Okta. This vulnerability affects third-party macOS apps that check the code signatures of other apps by tricking them into treating a maliciously crafted fat binary as coming »

Cardhop & LaunchBar

Flexibits, the producer of Fantastical, recently released a new app called Cardhop: It’s an app enabling you to manage your contacts by “using a simple sentence”. I’ve downloaded it some days ago and I’d call myself a »

Little Snitch 4

A new major upgrade for Little Snitch 4 is now available! 🎉 We’ve been hard at work to get many new features into this version and we think with all the new features, you’re really going to like it! »

Little Snitch and Possible Deprecation of NKEs

In a WWDC session, David Schinazi has mentioned that Network Kernel Extensions (NKEs) ”will be deprecated”. He asked developers to transition to the Network Extension (NE) framework and approach Apple to report any problems with this. This statement, mentioned in »

Archive