An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
Malware Alarms
#21425 04/06/12 05:43 PM
Joined: Aug 2009
MG2009 Offline OP
OP Offline

Joined: Aug 2009
As most of you already know, there is a little buzz in the air (again) about MAC viruses and malware in the wild. There are several recent articles - predominately by WINDOWS bloggers and columnists. Many "report" that such entities are out there infecting MACS . . . but I have yet to find anyone EXPLAIN the ACTUAL harm these are causing (if, in fact, these do exist).

Is anyone of sound mind and body able to describe what is known to be out there and what specific damage these are causing for MAC users? (Looking to hear from 'Voices of Reason' and not from "alarmists.") wink

Thanks a bunch for any clarification . . . and piece of mind . . . and fixes (if needed) . . . that anyone can provide.

Re: Malware Alarms
MG2009 #21426 04/06/12 06:25 PM
Joined: Aug 2009
Likes: 4
Offline

Joined: Aug 2009
Likes: 4
Check out the latest discussions in THE CYBER-SECURITY THREAD in the Lounge.

Re: Malware Alarms
MG2009 #21427 04/06/12 08:29 PM
Joined: Aug 2009
Likes: 1
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 1
The current Flashback-variant trojan issue starts with this post. This malware can gain access to Macs via unpatched Java vulnerabilities.

The initial problem with this Trojan is that it hijacks the [Safari] browser every time it launches and redirects the user to a targeted website, but there is the more alarming potential to eavesdrop on your computer and internet activities, and send home the goodies including passwords etc.

The number of 500,000-600,000 infected Macs that goes around is allegedly based on telltale individual signatures of those Macs, comes from a relatively obscure Russian anti-malware site, but has not yet been substantiated or confirmed by others*. But that shouldn't detract from the threat, which is real and 'live in the wild'.

*) But see Flashfake Mac OS X botnet confirmed.

Last edited by alternaut; 04/09/12 03:15 PM. Reason: Added link about Flashback botnet confirmation

alternaut moderator
Re: Malware Alarms
MG2009 #21459 04/08/12 12:01 AM
Joined: Aug 2009
Moderator
Offline
Moderator

Joined: Aug 2009
MG2009,

In case the following might give you peace of mind . . . .

I used information from - How to remove the Flashback malware from OS X - under the section "How do I detect it?" - to see what Terminal reported for my Mac OS X 10.6.8 system.

I copied and pasted the three lines from the above link and section which began with
defaults read
into Terminal and pressed enter.

Three results stating "does not exist" were returned.

Then I did the same for
ls -la ~/../Shared/.*.so

"No such file or directory" was returned.

As far as I know, my system has all of the available updates installed.


Back up everything you can't afford to lose: documents, mail, movies, music, photos, and other data and settings.
Re: Malware Alarms
dianne #21489 04/09/12 02:56 PM
Joined: Aug 2009
Likes: 8
Offline

Joined: Aug 2009
Likes: 8
And for those a bit shy with Terminal, an Applescript has been posted on this blog that does the same. The author gives a link to download the script and also provides the full text of the script.


On a Mac since 1984.
Currently: 24" M1 iMac, M2 Pro Mac mini with 27" BenQ monitor, M2 Macbook Air, MacOS 14.x; iPhones, iPods (yes, still) and iPads.
Re: Malware Alarms
Ira L #21490 04/09/12 05:07 PM
Joined: Aug 2009
Likes: 4
Offline

Joined: Aug 2009
Likes: 4
Scripts scare me far more than Terminal.
Former is way too complicated ~ opaque to a simple-minded user like me ... as FTMers and MFIers might remember from way back when.
At least I can cut-and-paste Terminal commands quasi-fearlessly ... as I did and reported in THE CYBER-SECURITY THREAD — with the same results as dianne.

Re: Malware Alarms
grelber #21492 04/09/12 09:20 PM
Joined: Aug 2009
Likes: 1
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 1
Originally Posted By: grelber
Scripts scare me far more than Terminal. Former is way too complicated ~ opaque to a simple-minded user like me ...

Seems to me that this is a great opportunity to try a script smirk and get a feel for what's involved in running them (for giggles, compare the search terms in the script with your Terminal strings). After all, some Flashback detector scripts have been tested by others here (including myself) and work as advertised. Just follow the instructions at the bottom of this post. tongue


alternaut moderator
Re: Malware Alarms
dianne #21494 04/09/12 09:26 PM
Joined: Aug 2009
MG2009 Offline OP
OP Offline

Joined: Aug 2009
Thanks, Dianne.

I followed the TERMINAL instructions, as outlined, and got the same results as Dianne. (All looks clean to me.)


smile

Re: Malware Alarms
MG2009 #21498 04/10/12 12:00 AM
Joined: Aug 2009
Likes: 14
Offline

Joined: Aug 2009
Likes: 14
Me too....ditto on the thanks, dianne.

Last edited by ryck; 04/10/12 12:00 AM.

ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C

Moderated by  alternaut, dianne, MacManiac 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.021s Queries: 32 (0.014s) Memory: 0.6107 MB (Peak: 0.6975 MB) Data Comp: Zlib Server Time: 2024-03-29 12:26:15 UTC
Valid HTML 5 and Valid CSS