Content Archive for @nptacek
I wear a lot of hats and have picked up a lot of skills over the years, so I don’t really fit very neatly in any one category. Here’s some of what I’ve done:
- Helped stop a 4-million strong botnet that was responsible for at least $14 million in click-fraud.
- Helped identify and shut down a trojan horse responsible for the theft of 20 BTC.
- Full-stack developer with expert knowledge of the entire software development lifecycle; designed, developed, and shipped multiple award-winning security and privacy apps for the Mac platform.
- Created a number of free malware removal tools.
- I’ve written and spoken extensively about cybersecurity topics including ransomware, spyware, and digital privacy; my work has been cited extensively in print and on the web.
- I’m particularly proud of my time co-hosting The Checklist Podcast, during which I made it a goal to help make complex computer security topics accessible to as wide an audience as possible.
- Extensive experience with malware research and analysis, utilizing a variety of reverse-engineering and OSINT techniques to determine capabilities, advise on and implement appropriate response, and publish both technical and accessible research on a variety of threats.
- Extensive experience working with a diverse array of platforms and APIs across a number of e-commerce backends (eSellerate, FastSpring, DevMate, Paddle, MailChimp).
- I tend to see trends before others.
- I like helping people and sharing knowledge.
- I like to come up with novel solutions to unique problems.
- I work best in a fast-paced environment that is still guided by long-term vision.
- I’ve most recently been spending my spare time hard at work in the web3 space.
contact info: @nptacek on twitter, DMs are always open
Want to learn more about my work? Dive into the archive below.
Awards and Reviews
- Macworld/iWorld| Best of Show Award | PrivacyScan
- MacLife | PrivacyScan Review | 4/5 Stars - “GREAT”
- Macworld | MacScan Review | 4/5 Mice - “MacScan 3 review: Easy-to-use software stomps out malware, tracking cookies”
- Macworld Sweden | MacScan Review | 4/5 Stars — “Lysande Macscan rensar din Mac från farliga filer”
- Apple Matters | Review | MacScan & Your Trojan Lesson
- MacScan | Maximum Security, Fourth Edition, 2003 - pp. 611–612
- MacScan | Foundations of Mac OS X Leopard Security, 2008 - pp. 88–89
- MacScan | Mac Security Bible, 2010 - pp. 349, 351, 477–478
- MacScan | Enterprise Mac Security, 2010 - p. 229
- PrivacyScan | The Hacker’s Guide to OS X - Exploiting OS X from the Root Up, 2012, pp117–124
- North Dakota State and Local Intelligence Center (NDSLIC)| North Dakota Homeland Security Anti-Terrorism Summary | Reporting on Discovery of Boonana Trojan Horse
- State of Kansas Executive Branch Information Technology (EBIT) | Resources for Business | iOS Resources and Information| SecureMac.com
2005–2007 | Overview
I spent most of 2005 working on the design, code, and e-commerce integration for MacScan 2, initially conceived as an anti-spyware app for the Mac platform. MacScan 2 was released online near the end of the year, and officially debuted at Macworld Expo in early 2006. Over the next two years I worked on building out major new features for the program, including the transition from PowerPC to Intel architecture, support for Korean language localization, malware scan scheduling and tracking cookie identification and removal. End user support, bug fixes, and malware analysis continued to be part of my everyday work throughout the duration of my time with SecureMac.
When I first came across a Mac sample of the DNSChanger Trojan Horse in late 2007, I had no idea that it would end up becoming a major focus for the next few years of my professional career. The DNSChanger trojan horse is now considered one of the major hacking incidents of the early 2000's.
2008 | Overview
After releasing a free tool to remove the DNSChanger Trojan Horse from infected systems, I participated in the DNS Changer Working Group (DCWG), helping provide technical analysis, mitigation strategies, and support for users with infected systems. This work was essential to the success of Operation Ghost Click and in the years to come as we worked to clean a large number of infected systems from around the globe.
Later in the year I brought attention to another new piece of malware affecting Macs, and released a number of version updates for MacScan 2.
2008 | Writing
- SecureMac | Security Advisory | DNS Changer Trojan Horse — SecureMac Removal Instructions and Anniversary Followup
- SecureMac | Security Advisory | AppleScript.THT Trojan Horse
2008 | In The News
- Dark Reading | SecureMac Releases DNSChanger Trojan Removal Tool 2.0
- DCWG | DNSChanger Working Group Mitigation Strategies
- CNET | FBI tackles DNSChanger malware scam
- FBI.gov | International Cyber Ring That Infected Millions of Computers Dismantled
2009 | Overview
During this time I created the iWorkServices Trojan Horse removal tool, a free release from SecureMac, which served to blunt the impact of a botnet of infected machines that came online a few months later.
This year also saw a continuing game of cat-and-mouse with the DNSChanger malware authors as they worked to evade detection by MacScan 2 with new variants.
2009 | Writing
- SecureMac | Security Advisory | DNS Changer 2.0e Trojan Horse
- SecureMac | Security Bulletin | OSX/Jahlav-C = DNSChanger Trojan Horse
2009 | In The News
2010 | Overview
Right before Halloween 2010, I identified a brand new family of Mac malware, the Boonana trojan horse, and created another free removal tool, which was released by SecureMac. There was a bit of uncertainty in the media after misidentification by another security vendor, but I was confident in my analysis, which was later confirmed by Microsoft.
Much of my time coding was spent working on what would later be released as PrivacyScan, my second major commercial app. In addition, I continued to to work on MacScan 2, analyze malware, and provide customer support.
2010 | Writing
- SecureMac | Initial Analysis of trojan.osx.boonana.a
- SecureMac | Security Bulletin | Boonana Trojan Horse
2010 | In The News
- Macworld | Security firms differ on severity of new Mac malware threat
- Techworld | Mac users hit with Windows-style ‘Koobface’ Trojan
- Help Net Security | Boonana Trojan for Mac OS X spreads via social media
- Microsoft TechNet | Microsoft Malware Protection Center | It’s NOT Koobface! New multi-platform infector
- Help Net Security | New variant of Boonana Trojan discovered
- Macworld | Boonana Trojan not Koobface, says Microsoft
2011 | Overview
I spent much of 2011 in another game of cat-and-mouse with malware developers, this time with the Mac Defender family of fake anti-virus apps. During this time I released multiple version updates for MacScan 2, and continued working on PrivacyScan, which was starting to really come together.
2011 | Writing
- SecureMac | Security Bulletin | Mac Defender Rogue Anti-Virus Analysis and Removal
- SecureMac | Technical Analysis | Mac Defender Technical Analysis
- SecureMac | Security Bulletin | Blackhole RAT
- SecureMac | Security Advisory | Blackhole RAT 2 Trojan Horse for Mac OS X Discovered
2012 | Overview
PrivacyScan was released at Macworld | iWorld Expo 2012 to broad critical acclaim, winning a Best of Show Award from Macworld UK, and later selected as a Mac Gem for Macworld Gemfest 2012. The rest of the year was spent updating and supporting PrivacyScan in addition to MacScan 2, along with my normal malware analysis responsibilities.
2012 | Writing
2012 | Awards
2013 | Overview
I continued malware research, along with my work on MacScan 2 and PrivacyScan.
Adware had by now become widespread, and I brought attention to Mac adware being distributed from CNET’s Download.com site.
During this time I learned to navigate the process of a Mac App Store release, continuing to support both Mac App Store and non-Mac App Store versions of PrivacyScan for the lifespan of the program.
Around this time I started working on what would later become MacScan 3, a major version upgrade to a flagship product with a sizable active user base. The process of taking MacScan 3 from initial product concept, through design, development, testing, and on to successful commercial release became the focus of my work for the next few years, and constitutes my largest single creative output to date.
2013 | Writing
- SecureMac | Security Advisory | CNET’s Download.com Adware Installer Bundled with Popular Apps
- SecureMac | Security Advisory | CNet Adware Identification and Removal Guide for Mac OS X
2013 | Awards
2014 | Overview
Early in the year I discovered a new piece of crypto-stealing Mac malware after seeing a post on reddit. 20 BTC didn’t seem like quite as big of a deal back then!
I continued working on MacScan 3, mostly focusing on the necessary backend infrastructure and tools needed to support a commercial anti-malware program, including the migration from a perpetual license to SaaS sales model. I continued to provide malware analysis, updates, and support for MacScan 2 and PrivacyScan throughout the year.
In 2014, I built a small flappy bird clone called Dizzy Duck. Sadly, it is no longer in the App Store, but I feel I did justice to the attempt and had fun learning how to design and code something a bit outside of my normal area of expertise.
2014 | Writing
- SecureMac | Security Bulletin | New Apple Mac Trojan Called OSX/CoinThief Discovered
- SecureMac | Security Advisory | OSX/CoinThief Manual Identification and Removal Instructions
2014 | In The News
- threatpost | Mac Trojan Steals Bitcoin Wallet Credentials
- threatpost | CoinThief Bitcoin Trojan Found on Popular Download Sites
- Softpedia | Bitcoin-Stealing Mac Malware Distributed via Download.com and MacUpdate
- CoinDesk | ‘CoinThief’ Mac Malware Steals Bitcoins From Your Wallet
- Polygon | Mac Bitcoin-stealing malware spreads via cracked versions of Angry Birds and other apps
- F-Secure | Cited in Blog Post | Bob and Alice Discover a Mac OPSEC Issue
- Computerworld | Quoted in Article | Got a Mac? Prevent OPSEC leakage by cleaning hidden OS X files from USB drives
2015 | Overview
My major work focus in 2015 involved getting MacScan 3 across the finish line and ready to ship while continuing to provide support for existing product lines. I focused on frontend work, e-commerce integration, anti-piracy measures, and product testing throughout the year.
I was in full creative mode during this time period.
2016 | Overview
After officially launching MacScan 3 at Macworld San Francisco 2016, I found myself in charge of supporting three active commercial apps at the same time. I spearheaded the initiative to provide a clear end-of-life strategy to gracefully retire support for MacScan 2, which was successfully implemented over the course of the year. I facilitated the App Store takedown of an iOS app caught stealing Instagram passwords, gave an interview on ransomware, and started getting serious with my written work.
Additionally, I helped start The Checklist podcast, which turned out to be another major shift in my work focus over the next few years, as I started exploring other ways to share knowledge in an accessible format. Initial shows focused on core computer security concepts and best practices, laying a foundation for some of the more complex topics covered in later shows.
2016 | Writing
- SecureMac | Security Advisory | Meet AceDeceiver: The First iOS Trojan Horse
- SecureMac | User Guide | MacScan 3 User Guide
- SecureMac | Security News | Why The Internet of Things May Be More Trouble Than It’s Worth
- SecureMac | Security News | How Does The FBI Hack People?
- SecureMac | Security News | ARM-Powered Macs Are On The Way To Apple’s Product Stable
- SecureMac | Security News | Edward Snowden Designs An iPhone Case To Detect Government Spying
- SecureMac | Security News | Apple Bounty Program
- SecureMac | Security News | Apple To Start Requiring HTTPS For iOS Apps
- SecureMac | How-To Guide | 5 Things To Do Before Selling Your Old iOS Device
- SecureMac | How-To Guide | 5 Things To Do After Buying A New iPhone
- SecureMac | How-To Guide | 10 Things To Do When Setting Up Your New Mac - Part 1
- SecureMac | How-To Guide | 10 Things To Do When Setting Up Your New Mac - Part 2
- SecurityMagazine.com | Article | Back to School Security for iPads in the Classroom
- Home Business Magazine | Article | Cyber Security Tips for your Small Business
- SecureMac | How-To Guide | 5 things to do before selling your old Mac
- SecureMac | How-To Guide | 5 ways to identify and avoid online scams
- SecureMac | How-To Guide | Best Practices for Login and Password Security
- SecureMac | Demystifying Malware Types and Terminology - Part 1
- SecureMac | Demystifying Malware Types and Terminology - Part 2
- SecureMac | Q&A Grab Bag
- SecureMac | 2016 Mac Security Year In Review
2016 | Podcasts
- The Checklist Podcast | Selling Your Old iOS Device
- The Checklist Podcast | Securing Your New iPhone
- The Checklist Podcast | Securing Your New Mac - Part 1
- The Checklist Podcast | Securing Your New Mac - Part 2
- The Checklist Podcast | Securely Sell Your Mac
- The Checklist Podcast | Spotting Security Scams
- The Checklist Podcast | Security in macOS Sierra
- The Checklist Podcast | Password Dos and Don’ts
- The Checklist Podcast | Demystifying Malware Types and Terminology - Part 1
- The Checklist Podcast | Demystifying Malware Types and Terminology - Part 2
- The Checklist Podcast | Safe Digital Travels
- The Checklist Podcast | Safe Shopping Online
- The Checklist Podcast | Five Security Questions
- The Checklist Podcast | Five Tips for Secure Browsing
- The Checklist Podcast | The Muni Hack
- The Checklist Podcast | Five Ways Websites Track You
- The Checklist Podcast | Security Year in Review
2016 | In The News
2017 | Overview
I wrote a major piece on spyware (now more commonly known as stalkerware); a portion of this primer was republished as the feature article in the Fall issue of MacDirectory magazine.
I focused on current events in my writing this year, documenting emerging Mac malware threats, major security incidents, and answering questions received from podcast listeners. The podcast followed a similar pattern, while also covering some important topics in keeping kids and elders safe online. I continued commercial support for both MacScan 3 and PrivacyScan during this time, along with malware analysis.
2017 | Writing
- SecureMac | 2016 iOS Security Year In Review
- SecureMac | Recent Upswing in Mac Malware Activity
- SecureMac | Shadow Profiles on Social Media
- SecureMac | Sharing Preferences
- SecureMac | Q&A Grab Bag Redux
- SecureMac | All About Spyware
- SecureMac | Artificial Intelligence and Security
- SecureMac | The Equifax Hack
- Mac Directory Magazine | Feature Article | Spyware for Apple Devices | Aug/Sept 2017 Issue pp. 111–113
2017 | Podcasts
- The Checklist Podcast | iOS Security Year in Review
- The Checklist Podcast | VPNs
- The Checklist Podcast | Physical Data Security
- The Checklist Podcast | Must Have Security Apps
- The Checklist Podcast | Tor and the Dark Web
- The Checklist Podcast | Running Secure Backups
- The Checklist Podcast | iPhones and Kids
- The Checklist Podcast | Making Macs Safe for Kids
- The Checklist Podcast | Recent Mac Malware
- The Checklist Podcast | When You Think Your Mac’s Infected
- The Checklist Podcast | Avoiding Malware
- The Checklist Podcast | Secure Messaging Apps
- The Checklist Podcast | The Cloud
- The Checklist Podcast | Spring Cleaning Your Mac
- The Checklist Podcast | Shadow Profiles
- The Checklist Podcast | Forgotten Mac Password
- The Checklist Podcast | Sharing Preferences
- The Checklist Podcast | More Of Your Questions
- The Checklist Podcast | Spring Malware 2017
- The Checklist Podcast | Gone Phishing
- The Checklist Podcast | WannaCrypt
- The Checklist Podcast | Career Day
- The Checklist Podcast | Apple’s Hacker History
- The Checklist Podcast | Authentication and Authorization
- The Checklist Podcast | The Internet of Things
- The Checklist Podcast | Spam Spam Spam Spam
- The Checklist Podcast | Encryption
- The Checklist Podcast | Social Engineering
- The Checklist Podcast | A Brief History of Malware
- The Checklist Podcast | Identity Theft
- The Checklist Podcast | Spyware
- The Checklist Podcast | AI and Security
- The Checklist Podcast | Hacking Healthcare
- The Checklist Podcast | Five Huge Hacks
- The Checklist Podcast | All About Botnets
- The Checklist Podcast | How Many Lightbulbs Does It Take to Change the Internet
- The Checklist Podcast | The Equifax Hack
- The Checklist Podcast | HTTP versus HTTPS
- The Checklist Podcast | Online Threats to Privacy
- The Checklist Podcast | More Listener Questions
- The Checklist Podcast | Still More Listener Questions
- The Checklist Podcast | Blockchain and Bitcoin
- The Checklist Podcast | Safety in the App Stores
- The Checklist Podcast | App Stores and Malware
- The Checklist Podcast | Talking to Parents About Security
- The Checklist Podcast | Fixing Family Machines
- The Checklist Podcast | Gifts and Security
- The Checklist Podcast | macOS Built-in Security
- The Checklist Podcast | iOS 11 Security - Part One
- The Checklist Podcast | iOS 11 Security - Part Two
- The Checklist Podcast | Scams That Target the Elderly
- The Checklist Podcast | When Kids Are Targeted
2018 | Overview
Continued support and development for both MacScan 3 and PrivacyScan, along with malware analysis. During this time I helped facilitate the takedown of multiple subscription scam apps that had made it through Apple’s review process and into the App Store. I continued to cover a mix of both current events and core cybersecurity concepts through my writing as well as my spoken work on The Checklist.
I scaled back on my creative output as I unexpectedly ended up as executor of my father’s estate, and the work to settle his probate case occupied much of my free time over the next two years.
During this time I also started an in-depth exploration of VR/AR/XR hardware, software, and development platforms, accessories, and experiences, exploring the capabilities of the Microsoft Hololens, Magic Leap, and PlayStation VR platforms in detail.
2018 | Writing
- SecureMac | Apple’s No Good Very Bad Security Quarter
- SecureMac | 2017 Security Review — Part One
- SecureMac | 2017 Security Review — Part Two
- SecureMac | Overall iOS Security Features
- SecureMac | Mix and Match
- SecureMac | Digital Legacies
- SecureMac | Facebook’s Privacy Failures Leave You in the Cold
- SecureMac | Security threats targeting macOS and iOS
- SecureMac | More Security Fails
- SecureMac | Facebook Follies
- SecureMac | The Anatomy of a Data Breach, Part 1
- SecureMac | The Anatomy of a Data Breach, Part 2
- SecureMac | Router Rundown
- SecureMac | Mix and Match 3.0
- SecureMac | Is There a Plumber in the Building?
- SecureMac | What’s New in Security News
- SecureMac | Summer Security News
2018 | Podcasts
- The Checklist Podcast | Apple’s No Good Very Bad Security Quarter
- The Checklist Podcast | 2017 Security Review - Part 1
- The Checklist Podcast | 2017 Security Review - Part 2
- The Checklist Podcast | Meltdown and Spectre and You!
- The Checklist Podcast | Overall iOS Security Features
- The Checklist Podcast | Mix and Match
- The Checklist Podcast | Apple Watch and Security
- The Checklist Podcast | Running Old Tech (Or Not)
- The Checklist Podcast | Cryptocurrency and You
- The Checklist Podcast | Your Digital Legacy
- The Checklist Podcast | Facebook Fiasco
- The Checklist Podcast | New Hazards, New Helpers
- The Checklist Podcast | More Security Bungles
- The Checklist Podcast | Machine Learning 101
- The Checklist Podcast | Facebook Follies
- The Checklist Podcast | Anatomy of a Data Breach - Part 1
- The Checklist Podcast | Anatomy of a Data Breach - Part 2
- The Checklist Podcast | Graykey’s Anatomy
- The Checklist Podcast | Router Rundown
- The Checklist Podcast | WHOIS GDPR?
- The Checklist Podcast | Mix and Match 3
- The Checklist Podcast | Lots and Lots of Leaks
- The Checklist Podcast | Weakly Security Update
- The Checklist Podcast | Again with the Facebook
- The Checklist Podcast | Summer Security Roundup
- The Checklist Podcast | News of Note
- The Checklist Podcast | Privacy Nightmare at 30,000 Feet
- The Checklist Podcast | Untitled episode
- The Checklist Podcast | It’s Episode 100!
- The Checklist Podcast | Hacky Holidays!
2019 | Overview
During this time I concentrated on my core responsibilities supporting the existing commercial products, worked on an e-commerce platform migration for PrivacyScan, and continued administering my father’s estate.
In my free time, I continued my research with a deep-dive into VR/AR/XR and similar metaverse-adjacent areas.
2020 | Overview
I realized Covid would be a thing a number of months before it was on most peoples’ radar, and updated my plans for 2020 accordingly. Having worked remote for years at this point, not much changed for me on the day-to-day. I continued to support my existing projects, continued my exploration of VR/AR/XR, and navigated the chaotic year as best I could.
2020 | Writing
2020 | Podcasts
2021 | Overview
My SecureMac work continued apace in 2021, and I appeared in a couple articles from Vice.
I spent 2021 further engaging with topics in education through active exploration and experimentation in a novel pedagogical system that blends virtual learning in a small group environment with software tools to enable accessible discourse.
I helped set up, moderate, and run multiple Discord servers throughout 2021.
I took an interest in Dogecoin in early January 2021, and crypto was the focus of much of my personal research during the course of the year. I was incredibly excited by some of the possibilities unlocked by Loot Project and was inspired to focus my creative output on the web3/metaverse space.
Some of the things I’ve done in my free time over the past two months:
- Focus on outreach and community building efforts within the NFT space.
- I was selected as one of the first moderators for the Loot Project Forums, where I helped set up the initial mod team structure, goals, and code of conduct, helped onboard new mods, and where I continue to perform routine forum moderation responsibilities (Volunteer position).
- Wrote a couple onboarding pieces on NFTs.
- Found and responsibly disclosed a security hole I found in a live smart contract, working with the contract authors to mitigate the threat after verifying it was not otherwise exploited.
- Did a deep dive on NFT rarity analysis.
- Designed and developed an NFT market analytics and arbitrage app that offers a number of improvements over the native OpenSea experience. More information on this project coming soon.
I’m excited to see where this space goes from here.
Interested in my work? My DMs are always open over on Twitter.
2021 | Writing
- Medium | Identifying Arbitrage Opportunities in Non-Traditional Markets
- Medium | The WAGMIGOTCHI Experience
- Medium | Minting More Loot on iOS
- Medium | What if we held hands and bought the Constitution together?
- Medium | Navigating web3: Staying Safe on Discord
- Medium | Experimenting with ENS
- Medium | Right-click-save-face Part 1
- Medium | Right-click-save-face Part 2
- Medium | Lily Pads
- Medium | Building the future
- Medium | Trust in a Trustless System
2021 | In The News
- Vice | Quoted in Article | Bug In Mac’s Default Text App Could Let Hackers Reveal Your IP Address
- Vice | Quoted in Article | Apple ‘Still Investigating’ Unpatched and Public iPhone Vulnerabilities
2022 | Writing
- Medium | 6 Ways Elon Musk Could Make Twitter Better
- Medium | What comes next for web3?
- Medium | ZORA API Hackathon in Review
- Medium | Building with ZORA API
- Medium | AI is here, and it changes everything
- Medium | AI Art Lessons: Setting the Scene
- Medium | AI is here: What happens next?
- Medium | AI is here: What to be aware of
2022 | In The News
- The Information | Quoted in Article | Crypto’s Town Square Has Become “a Scammer’s Paradise.” Why Isn’t Discord Doing More to Clean It Up?
- Not Boring | Intertwining Threads