Have you ever used your computer in the middle of the night or in a dark room and felt blinded by the brightness of your screen?
That’s not only unpleasant but also potentially bad for your eyes. That’s why many people prefer to use night mode, a feature that adjusts the temperature and contrast on your Mac to make it easier on your eyes.
NightOwl took a dark turn
But before night mode was available, Mac users relied on the app NightOwl to switch between light and dark mode depending on the time of day. Then out of nowhere apparent to any who had downloaded the app, NightOwl took a dark turn and has become a serious security threat.
How NightOwl became a problem for Mac users
NightOwl was once a useful app that helped Mac users adjust their screen modes according to the time of day. That changed after November 2022 when the original developer of NightOwl, Benjamin Kramser, sold the app to a company called TPE.FYI LLC. He has since accused the new owner of turning the app into what amounts to a malware delivery vehicle.
Kramser has posted on his developer site that the NightOwl app under new ownership “has opted to monetize the app by integrating a third-party SDK. This decision is not affiliated with me in any way, and I do not endorse it in any form.”
Although the more recent NightOwl owner has said in another report that the allegations are inaccurate and false, we have not heard back from TPE.FYI LLC after reaching out for additional comment. Apple has since reportedly revoked the app’s signing certificate.
How a nefarious app can affect your device
Why should you care about a nefarious app and uninstall it asap?
Unwanted traffic: By injecting malicious code into the app and making your device a “gateway,” NightOwl could send and receive internet data that was not meant for you. This is like having strangers use your home address for their online activities without your knowledge. This could use up your internet speed and make your connection slower.
Privacy concerns: With your device acting as a relay for unknown online traffic, there’s a lingering question: What kind of data is passing through? Personal data leaks, potential spying activities, or even illegal content could be routed via your Mac, jeopardizing your privacy.
Legal implications: If unsavory activities were conducted via your device, guess whose digital fingerprint is all over it? Yours. It could lead to potential legal complications even if you’re an unwilling and unknowing participant.
In essence, this app that seemed innocent enough became a Trojan horse. It is a deceitful tactic for botnets to sneak onto your device and infect it.
Changes buried in the terms of the app were suddenly applied outlining the app’s external activity with third parties.
The silver lining? The inherent dark mode in macOS means you no longer need NightOwl perched on your system.
FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER BY HEADING TO CYBERGUY.COM/NEWSLETTER
What to do if you already downloaded this app
If you already downloaded the NightOwl app on your Mac, you should uninstall it as soon as possible to avoid any potential security risks. Here are some steps you can follow to remove the app and its associated files.
- Close the NightOwl app on your Mac. You can right-click on the app icon on the Dock and select Quit.
- Open the Finder and click on Applications on the left panel. Find and locate NightOwl in the list of programs.
- Drag the NightOwl app icon to the Trash and release it. Alternatively, you can right-click on the app icon and select Move to Trash.
- Right-click on the Trash icon on the Dock and select Empty Trash. This will delete the app from your Mac but not its related files.
- To delete the related files, you need to access the hidden Library folder on your Mac. To do this, Click on Go on the top menu bar and select Go To Folder. Type ~/Library/ in the box and hit Enter.
- In the Library folder, look for the following subfolders, Application Support, Caches, and Preferences. Open each of these subfolders and delete any files or folders that have NightOwl.
- After deleting all the related files, you can close the Library folders and empty the Trash again.
To make sure that your Mac is free of any malware that might have been installed by NightOwl, you should also scan your Mac with reliable antivirus software. It will protect you from having your data breached and can also alert you of any phishing emails or ransomware scams. See my expert review of the best antivirus protection for your Windows, Mac, Android & iOS devices by heading to CyberGuy.com/LockUpYourTech
How to protect yourself
One is left to wonder, if an app that seems innocent can infect my device, how do I protect myself? Do I simply avoid downloading things altogether? No, but definitely try the following:
Trust but verify: While it’s tempting to download that flashy new app everyone’s talking about, remember to exercise caution. Before any installation:
- Research: Take a moment to scroll through reviews and recent news related to the app. User forums can be enlightening.
- Permissions: Once installed, monitor what permissions the app is seeking. If a simple note-taking app wants access to your entire photo library, red flags should go up.
- Updates: While it’s often a good idea to update your devices and have the latest version of an app, be wary if the new update asks for a lot more permissions or if users report suspicious behavior post-update.
App Store = Safe haven: Apple’s Mac App Store is curated, meaning apps go through checks:
- Screening: Apple runs checks for malicious code in apps before they hit the store.
- User feedback: The rating and review system in the store can be an early warning system. Look out for recurring concerns in user reviews.
- Personal vigilance: However, even the most secure platforms aren’t immune. Always pair your downloads with personal vigilance.
Have strong passwords and use 2-factor authentication: Using the same password across multiple platforms will always make you more vulnerable because if one account gets hacked, they all get hacked. Plus, be sure to activate 2-factor authentication as an extra shield that will prevent a hacker from getting into your accounts. Finally, make sure to use a password manager to keep track of all your passwords.
Kurt’s key takeaways
There seems to be an app for everything, making life so much easier. However, by following these simple steps, you can avoid welcoming a malicious app disguised as a Trojan horse onto your device.
Ever encountered an app that revealed a darker side? Let us know by commenting below. Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Copyright 2023 CyberGuy.com. All rights reserved.