Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

jchap

macrumors 6502a
Original poster
Sep 25, 2009
636
1,164
I've recently noticed that CleanMyMac now flags Parallels Desktop 17 as a "suspicious" app, as shown below.

CleanMyMac_Suspicious.jpeg

As shown in the image, their apparent reasoning for this is that the app is "associated with or owned by Russian or Belarusian developers, where government authorities can access their data directly upon request and without a court order."

In other words, it seems that MacPaw is now implying that Parallels Desktop is a security risk. As a freelance translator who depends on Windows (running under Parallels Desktop), this is alarming news.

A cursory glance of Parallels corporate info shows that they are a multinational company, now part of the Corel Corporation. Their website also shows that the company operates partially in the Ukraine and is very much in support of the Ukraine during this invasion.

parallels_statement_ukraine.png


However, when I reached out to MacPaw support to find out what their reasoning is for marking Parallels Desktop as suspicious and whether there are any actual security risks, I received no reply.

What I'm wondering is whether anybody has any information on any actual reported ties that Parallels may have to Russian or Belarusian developers who are identified cyberattackers, or any specific security risks that would now leave Parallels Desktop prone to specific cyberattacks, moreso than before. While I feel terrible about the plight of those in the Ukraine whose country has been invaded by Russia, I really don't see how they can actually link Parallels to any of this.

Parallels Desktop has been a key app for me for many years now, and VMWare Fusion for Mac has not yet been made publicly available for macOS Monterey, so it really seems like VMWare is quite a bit behind the game in terms of virtualization. If it did become necessary to switch to another solution for running Windows virtualized over macOS, I'm also wondering what the other viable options (if any) would be.
 
Last edited:

TiggrToo

macrumors 601
Aug 24, 2017
4,205
8,838
I've recently noticed that CleanMyMac now flags Parallels Desktop 17 as a "suspicious" app, as shown below.

View attachment 1990124
As shown in the image, their apparent reasoning for this is that the app is "associated with or owned by Russian or Belarusian developers, where government authorities can access their data directly upon request and without a court order."

In other words, it seems that MacPaw is now implying that Parallels Desktop is a security risk. As a freelance translator who depends on Windows (running under Parallels Desktop), this is alarming news.

A cursory glance of Parallels corporate info shows that they are a multinational company, now part of the Corel Corporation. Their website also shows that the company operates partially in the Ukraine and is very much in support of the Ukraine during this invasion.

View attachment 1990127

However, when I reached out to MacPaw support to find out what their reasoning is for marking Parallels Desktop as suspicious and whether there are any actual security risks, I received no reply.

What I'm wondering is whether anybody has any information on any actual reported ties that Parallels may have to Russian or Belarusian developers who are identified cyberattackers, or any specific security risks that would now leave Parallels Desktop prone to specific cyberattacks, moreso than before. While I feel terrible about the plight of those in the Ukraine whose country has been invaded by Russia, I really don't see how they can actually link Parallels to any of this.

Parallels Desktop has been a key app for me for many years now, and VMWare Fusion for Mac has not yet been made publicly available for macOS Monterey, so it really seems like VMWare is quite a bit behind the game in terms of virtualization. If it did become necessary to switch to another solution for running Windows virtualized over macOS, I'm also wondering what the other viable options (if any) would be.

I’d hardly put much trust in CleanMyMac to be brutally honest… It’s not got, shall we say, a stellar reputation…
 

TiggrToo

macrumors 601
Aug 24, 2017
4,205
8,838
I've recently noticed that CleanMyMac now flags Parallels Desktop 17 as a "suspicious" app, as shown below.

View attachment 1990124
As shown in the image, their apparent reasoning for this is that the app is "associated with or owned by Russian or Belarusian developers, where government authorities can access their data directly upon request and without a court order."

In other words, it seems that MacPaw is now implying that Parallels Desktop is a security risk. As a freelance translator who depends on Windows (running under Parallels Desktop), this is alarming news.

A cursory glance of Parallels corporate info shows that they are a multinational company, now part of the Corel Corporation. Their website also shows that the company operates partially in the Ukraine and is very much in support of the Ukraine during this invasion.

View attachment 1990127

However, when I reached out to MacPaw support to find out what their reasoning is for marking Parallels Desktop as suspicious and whether there are any actual security risks, I received no reply.

What I'm wondering is whether anybody has any information on any actual reported ties that Parallels may have to Russian or Belarusian developers who are identified cyberattackers, or any specific security risks that would now leave Parallels Desktop prone to specific cyberattacks, moreso than before. While I feel terrible about the plight of those in the Ukraine whose country has been invaded by Russia, I really don't see how they can actually link Parallels to any of this.

Parallels Desktop has been a key app for me for many years now, and VMWare Fusion for Mac has not yet been made publicly available for macOS Monterey, so it really seems like VMWare is quite a bit behind the game in terms of virtualization. If it did become necessary to switch to another solution for running Windows virtualized over macOS, I'm also wondering what the other viable options (if any) would be.

Download Malwarebytes (it’s free) and scan with that.
 

allan.nyholm

macrumors 68020
Nov 22, 2007
2,317
2,574
Aalborg, Denmark
I've recently noticed that CleanMyMac now flags Parallels Desktop 17 as a "suspicious" app, as shown below.


As shown in the image, their apparent reasoning for this is that the app is "associated with or owned by Russian or Belarusian developers, where government authorities can access their data directly upon request and without a court order."

In other words, it seems that MacPaw is now implying that Parallels Desktop is a security risk. As a freelance translator who depends on Windows (running under Parallels Desktop), this is alarming news.

A cursory glance of Parallels corporate info shows that they are a multinational company, now part of the Corel Corporation. Their website also shows that the company operates partially in the Ukraine and is very much in support of the Ukraine during this invasion.



However, when I reached out to MacPaw support to find out what their reasoning is for marking Parallels Desktop as suspicious and whether there are any actual security risks, I received no reply.

What I'm wondering is whether anybody has any information on any actual reported ties that Parallels may have to Russian or Belarusian developers who are identified cyberattackers, or any specific security risks that would now leave Parallels Desktop prone to specific cyberattacks, moreso than before. While I feel terrible about the plight of those in the Ukraine whose country has been invaded by Russia, I really don't see how they can actually link Parallels to any of this.

Parallels Desktop has been a key app for me for many years now, and VMWare Fusion for Mac has not yet been made publicly available for macOS Monterey, so it really seems like VMWare is quite a bit behind the game in terms of virtualization. If it did become necessary to switch to another solution for running Windows virtualized over macOS, I'm also wondering what the other viable options (if any) would be.

One of the updates to CleanMyMacX via MacPaw's Setapp is the identification of Russian developers and then putting them in that category you see. It was an update on the 1st of April, so it could be an April Fool's
It hasn't been taken out. I assume it's there to stay. It must be a personal thing against the developers of Parallels from MacPaw. Personally I thought that Parallels was Russia-based. I think I am not alone in thinking that? I don't use Parallels as I don't subscribe to their expensive applications for my use. Windows 10 and Windows 11 is flying with VMware 12 Player.

MacPaw as a company is really going out with a bang.

Your comment on VMware Fusion not being updated for Monterey, that's not correct. VMware 12 is out and working 100% on macOS Monterey. It's even free for personal use. So get to installing ;)
 

jchap

macrumors 6502a
Original poster
Sep 25, 2009
636
1,164
One of the updates to CleanMyMacX via MacPaw's Setapp is the identification of Russian developers and then putting them in that category you see. It was an update on the 1st of April, so it could be an April Fool's
It hasn't been taken out. I assume it's there to stay. It must be a personal thing against the developers of Parallels from MacPaw. Personally I thought that Parallels was Russia-based. I think I am not alone in thinking that? I don't use Parallels as I don't subscribe to their expensive applications for my use. Windows 10 and Windows 11 is flying with VMware 12 Player.

MacPaw as a company is really going out with a bang.

Your comment on VMware Fusion not being updated for Monterey, that's not correct. VMware 12 is out and working 100% on macOS Monterey. It's even free for personal use. So get to installing ;)
An April Fool's update? Interesting. I would agree with you that there may be some personal grudges at play. I'm not sure I would agree with the sentiment that "MacPaw as a company is going out with a bang"—they do have Setapp, which apparently they're doing well with, and they have offices in other places besides the Ukraine.

Why would you think that Parallels is based in Russia? They have offices there, but I couldn't find any evidence that their development is done in Russia. Of course, it would be hard to tell, as Parallels likely wouldn't divulge the countries their developers reside in. I still found it hard to believe that Parallels would publicly voice their support of the Ukraine on one hand, while hiring developers from Russia well versed in cyberattack methods on the other.

About VMWare, I was rather confused by their current offerings. Maybe I was reading some old information. As you said, apparently they do support Monterey now. I see that they have Fusion Player and Fusion Pro, but the differences don't seem too large for the average consumer. I'll check it out in greater detail—thanks for the tip.
 

jchap

macrumors 6502a
Original poster
Sep 25, 2009
636
1,164
I’d hardly put much trust in CleanMyMac to be brutally honest… It’s not got, shall we say, a stellar reputation…
So-called "cleaner" apps for the Mac got their reputation tainted due to MacKeeper in particular, which engaged in considerably questionable behavior and marketing methods for many years, as I recall. CleanMyMac seems to have a better reputation, and in my experience it does offer some useful functionality. It seems wise not to trust it 100%, though, like anything else in the tech world...
 
Last edited:

jchap

macrumors 6502a
Original poster
Sep 25, 2009
636
1,164
Download Malwarebytes (it’s free) and scan with that.
MalwareBytes is a good app and I use it, but it's a bit of a different beast than CleanMyMac, being a general client-side security app with some browser extensions and so on. CleanMyMac is more of an all-in-one system optimization utility, which happens to have a malware scanning feature. Personally, I thought the user experience and interface for CleanMyMac has been done pretty well, and it seems to work as advertised.
 
Last edited:

allan.nyholm

macrumors 68020
Nov 22, 2007
2,317
2,574
Aalborg, Denmark
An April Fool's update? Interesting. I would agree with you that there may be some personal grudges at play. I'm not sure I would agree with the sentiment that "MacPaw as a company is going out with a bang"—they do have Setapp, which apparently they're doing well with, and they have offices in other places besides the Ukraine.

Why would you think that Parallels is based in Russia? They have offices there, but I couldn't find any evidence that their development is done in Russia. Of course, it would be hard to tell, as Parallels likely wouldn't divulge the countries their developers reside in. I still found it hard to believe that Parallels would publicly voice their support of the Ukraine on one hand, while hiring developers from Russia well versed in cyberattack methods on the other.

About VMWare, I was rather confused by their current offerings. Maybe I was reading some old information. As you said, apparently they do support Monterey now. I see that they have Fusion Player and Fusion Pro, but the differences don't seem too large for the average consumer. I'll check it out in greater detail—thanks for the tip.

I've just seen too many MacPaw updates on Twitter to get the impression that they are taking their position in Ukraine too seriously. When I say that MacPaw as a company is going out with a bang - it's based on various comments elsewhere(I read their comments subjectively and I have liked their tweets in the past on their unfortunate situation in Ukraine - now I feel it's on repeat)
I think their Setapp service is OK. Naive comment; I would prefer they suspend their service for the duration of the war
I am with Ukraine and their people. It's just not very fitting of MacPaw being so aggressive.

They are obviously a 'loud' developer team as their applications clearly shows.

My assumptions on Parallels is based in Russia stems from a while back - years actually.. I remember the internet being on fire and I think it was then that the whole Russia thing started and some didn't want to support that Russian spies got onto the computer via Parallels.

Remember that I used the past tense description when I said that I thought that they were based in Russia. I could not care less about this as I don't ever plan to use Parallels because I have VMware 12 and that functions for me with even getting graphics acceleration on macOS Monterey installation within a VM. All on an app that's free. Doesn't get any better.

If, as you say, that Parallels has offices there, then is probably the cause of the Suspicious section - believe it or not. I see it nothing more than a personal grudge at this point and not something that is based in reality.

Unless of course the developers of Parallels actively joins the war on Ukraine by sending all their available office slaves to the frontline.

All of my comments on MacPaw and Ukraine are all my personal naive comments. I do not have the IQ to reply back in a proper manner.
 
  • Like
Reactions: jchap

jchap

macrumors 6502a
Original poster
Sep 25, 2009
636
1,164
I think their Setapp service is OK. Naive comment; I would prefer they suspend their service for the duration of the war
I am with Ukraine and their people. It's just not very fitting of MacPaw being so aggressive.

They are obviously a 'loud' developer team as their applications clearly shows.

I'd agree that they do seem to have an "attitude" in their communications. I can understand their anxiety about the situation. I would prefer that they tone it down a bit, but then again it's not my country that's being invaded.

All of my comments on MacPaw and Ukraine are all my personal naive comments. I do not have the IQ to reply back in a proper manner.

Certainly has nothing to do with IQ. I appreciate you sharing your insights. I was wondering if it's just me who noticed this whole thing about the "Suspicious" ranking of Parallels Desktop in the CleanMyMac app. I wish I hadn't recently purchased a few Parallels licenses for my machines—VMWare might be good to check out. I remember using VMWare Fusion many years ago and wasn't impressed with its performance vs. Parallels, but things may have changed since then.
 

TiggrToo

macrumors 601
Aug 24, 2017
4,205
8,838
MalwareBytes is a good app and I use it, but it's a bit of a different beast than CleanMyMac, being a general client-side security app with some browser extensions and so on. CleanMyMac is more of an all-in-one system optimization utility, which happens to have a malware scanning feature. Personally, I thought the user experience and interface for CleanMyMac has been done pretty well, and it seems to work as advertised.
The whole point of downloading Malwarebytes is to scan Parallels and get a clean result, thus showing CleanMyMac is showing a false positive.
 

jchap

macrumors 6502a
Original poster
Sep 25, 2009
636
1,164
The whole point of downloading Malwarebytes is to scan Parallels and get a clean result, thus showing CleanMyMac is showing a false positive.
I think I understand what you're trying to say. That said, this would assume that Malwarebytes is actually capable of detecting whether a certain app is "Suspicious," under the grounds of being "an app associated with or owned by Russian or Belarusian developers," according to the language used by MacPaw in CleanMyMac. That's something that I don't believe Malwarebytes is capable of doing—it just scans for malware signatures, as I understand it.
 
  • Like
Reactions: TiggrToo

Realityck

macrumors G4
Nov 9, 2015
11,326
17,125
Silicon Valley, CA
IN 20+ years of using modern (OS X/macOS based) macs, I've never used any anti virus style program. And in all that time, I've never had any infection. Delete that crap and move on with life.
While I found malware software useful for windows, there is no reason to use it on a Mac except to detect malware on shared files between window and Mac users that is windows based that can’t effect a Mac. If go look at all the few malware for Macs they are all Trojans, which can easily be avoided by search for specifc files on a Mac. Like your comment I’ve never seen any malware on multiple Macs over the years, so do yourself a favor stop using these pretend to be useful applications unless you maintain windows files on you Mac in a business environment.
 

Realityck

macrumors G4
Nov 9, 2015
11,326
17,125
Silicon Valley, CA
As shown in the image, their apparent reasoning for this is that the app is "associated with or owned by Russian or Belarusian developers, where government authorities can access their data directly upon request and without a court order."

In other words, it seems that MacPaw is now implying that Parallels Desktop is a security risk. As a freelance translator who depends on Windows (running under Parallels Desktop), this is alarming news.
Clearly unjustified bias involved with that alert

CleanMyMac X is a product of MacPaw, a company with offices in Kyiv, Ukraine, and Santa Barbara, CA. It was founded in 2008 by Oleksandr Kosovan, a Ukranian developer.
 

TiggrToo

macrumors 601
Aug 24, 2017
4,205
8,838
While I found malware software useful for windows, there is no reason to use it on a Mac except to detect malware on shared files between window and Mac users that is windows based that can’t effect a Mac. If go look at all the few malware for Macs they are all Trojans, which can easily be avoided by search for specifc files on a Mac. Like your comment I’ve never seen any malware on multiple Macs over the years, so do yourself a favor stop using these pretend to be useful applications unless you maintain windows files on you Mac in a business environment.

100% categorically and verifiably wrong.

Mac malware exists and has been found time and time again. Much of it can be delivered by visiting a website laced with malicious code. The exploits take advantage of unpatched vulnerabilities to gain enhanced permissions which then allows the malware to take root and do its work.

Dazzlespy, for example was a recent piece of malware that was used on pro-democracy Chinese websites. Exploiting CVE-2021-1789, it delivered its payload via mac.js that then executed some in-memory code to gain root.

”Oh I don’t visit such websites” you say.

OK, so I’ll give you SysJoker: this little bugger targeted Windows, Linux AND Mac users late last year - which had multiple different methods of getting onto your device - either via infected NPM packages, poisoned adverts or malicious downloads.

”Oh, I don’t use Javascript - I NoScript” everything and block all adverts, you say.

OK, so I’ll give you the popular app Handbrake in 2017 that, for a four day window, had the official dmg image modified by hackers to attach a trojan.

”Oh, I don’t download third party apps” you say.

Great - so what else you do with your expensive Mac other than run crippled websites and MAS only apps?

Or…you could get a Malware detection product and get you live your life - and use your expensive Mac device more.

Listen: You don’t wanna use anything then that’s your right. But please, for the love of all that is good, do NOT recommend others follow this otherwise terrible advice - especially when users can use something like Malwarebytes on demand for absolute free.
 

clevins

macrumors 6502
Jul 26, 2014
413
651
100% categorically and verifiably wrong.

Mac malware exists and has been found time and time again. Much of it can be delivered by visiting a website laced with malicious code. The exploits take advantage of unpatched vulnerabilities to gain enhanced permissions which then allows the malware to take root and do its work.

Dazzlespy, for example was a recent piece of malware that was used on pro-democracy Chinese websites. Exploiting CVE-2021-1789, it delivered its payload via mac.js that then executed some in-memory code to gain root.

...OK, so I’ll give you SysJoker: this little bugger targeted Windows, Linux AND Mac users late last year - which had multiple different methods of getting onto your device - either via infected NPM packages, poisoned adverts or malicious downloads
Listen: You don’t wanna use anything then that’s your right. But please, for the love of all that is good, do NOT recommend others follow this otherwise terrible advice - especially when users can use something like Malwarebytes on demand for absolute free.
And how many people were affected by this? What percentage of Macs does that represent?

I never go to pro-democracy Chinese sites, so that one is irrelevant to me. Sysjoker likewise; poisoned adverts are an issue of course, but for the vast majority of folks, NPM packages are not and anyone who downloads and installs stuff willy nilly is an idiot.

it's not that Macs can't be infected. It's that once we exclude targeted attacks and attacks requiring physical access, I simply don't know of anything that's become widespread. As I've said, I've never used any AV scanner (I use adblockers and NextDNS as a firewall) but for grins, I installed and ran Malwarebytes. The result:

Screen Shot 2022-04-12 at 11.25.25 AM.png


IF people want to run this stuff, fine but having these vendors tag something as suspicious for political reasons is BS and obsessing over the possibility of malware is silly.
 

TiggrToo

macrumors 601
Aug 24, 2017
4,205
8,838
And how many people were affected by this? What percentage of Macs does that represent?

I never go to pro-democracy Chinese sites, so that one is irrelevant to me. Sysjoker likewise; poisoned adverts are an issue of course, but for the vast majority of folks, NPM packages are not and anyone who downloads and installs stuff willy nilly is an idiot.

it's not that Macs can't be infected. It's that once we exclude targeted attacks and attacks requiring physical access, I simply don't know of anything that's become widespread. As I've said, I've never used any AV scanner (I use adblockers and NextDNS as a firewall) but for grins, I installed and ran Malwarebytes. The result:

View attachment 1990546

IF people want to run this stuff, fine but having these vendors tag something as suspicious for political reasons is BS and obsessing over the possibility of malware is silly.

It takes ONE time to make your life a misery.

Why risk it?
 

clevins

macrumors 6502
Jul 26, 2014
413
651
It takes ONE time to make your life a misery.

Why risk it?
Never leave the house. You might get hit by a car or struck by lightning or... ANYTHING. It only takes one time! Why risk it!!!

Look, if there's a shared Mac or it's known that people who use a Mac are careless with downloads, sure fine. But I look at my 22 years of no infection despite using every OS X version since 10.0 and I just can't be overly concerned.
 

Realityck

macrumors G4
Nov 9, 2015
11,326
17,125
Silicon Valley, CA
100% categorically and verifiably wrong.

Mac malware exists and has been found time and time again. Much of it can be delivered by visiting a website laced with malicious code.
User education against computer security best practices can prevent a lot of things from occurring on a Mac. If you see your Safari or Firefox browser which should be always running in private mode go to something that is unusual and purposely looks like it trying to execute a process, or start a download then just quit the application. You're not retaining any script, cache, web data at all. If you find something in downloads related to this instance then just delete it. As I said most malware over the years has been trojans. They are easy to prevent execution. You mention a open source application being hacked adding a trojan for one instance that is extremely rare. I seen probably the worst sites that try in vain to run something against a Mac, but its mostly fake alerts to get you to buy things like cleanmymac. :D
 
  • Like
Reactions: Hella89

TiggrToo

macrumors 601
Aug 24, 2017
4,205
8,838
Never leave the house. You might get hit by a car or struck by lightning or... ANYTHING. It only takes one time! Why risk it!!!

Look, if there's a shared Mac or it's known that people who use a Mac are careless with downloads, sure fine. But I look at my 22 years of no infection despite using every OS X version since 10.0 and I just can't be overly concerned.

Hyperbole.

Your PERSONAL experience doesn‘t matter a hill of beans. YOU are not everyone.

I’ve not been actively infected in my life either - although I’ve had two hits on potentials.

My brother-in-law - not so lucky.

Why do you think YOU represent everyone else?

My advice is for the masses. Your advice is for the elite. Who uses computers more?
 

johannnn

macrumors 68020
Nov 20, 2009
2,313
2,599
Sweden
In other words, it seems that MacPaw is now implying that Parallels Desktop is a security risk. As a freelance translator who depends on Windows (running under Parallels Desktop), this is alarming news.
What are you worried about? How would Putin access your desktop? Parallels is not even a Russian company https://en.wikipedia.org/wiki/Parallels_(company)

You should use KnockKnock (from my favorite security developer), or Malwarebytes which has been recommended already.
 
  • Like
Reactions: Tagbert

TiggrToo

macrumors 601
Aug 24, 2017
4,205
8,838
Never leave the house. You might get hit by a car or struck by lightning or... ANYTHING. It only takes one time! Why risk it!!!

Look, if there's a shared Mac or it's known that people who use a Mac are careless with downloads, sure fine. But I look at my 22 years of no infection despite using every OS X version since 10.0 and I just can't be overly concerned.

To use your logic, why would anyone carry any more car insurance than is legally required if they’ve never had an accident in all their years of driving?

Your mindset is: it’s not happened to me therefore it’ll never happen to anyone.
 

clevins

macrumors 6502
Jul 26, 2014
413
651
To use your logic, why would anyone carry any more car insurance than is legally required if they’ve never had an accident in all their years of driving?

Your mindset is: it’s not happened to me therefore it’ll never happen to anyone.
Sigh. No. My mindset is 'in 22 years it's not happened to me so I'm not going to worry about it.' I don't really give a crap what the rest of you do, but I do dislike promoting fear. Most people are fine without AV software, especially if they use a content blocker and aren't complete idiots. Acting like there's serious risk lurking around every corner isn't caution, it's paranoia.

Why do you think YOU represent everyone else?

My advice is for the masses. Your advice is for the elite. Who uses computers more?
I never claimed to. You decided you would put words in my mouth, then objected to your own words. Why do YOU think YOU represent the masses?

Bye now.
 
Last edited:
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.