Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > Apple Systems and Services > OS X > OS X 10.8 Mountain Lion

Reply
 
Thread Tools Search this Thread Display Modes
Old Sep 26, 2012, 01:19 PM   #1
JamesP.
macrumors regular
 
Join Date: Jun 2012
Security help, possible malware?

Updated to ML 10.8.2

When i open Skype it try to allow incoming connection to port 57502.
Both times Little Snitch caught it.
Below are two images.

http://i49.tinypic.com/2r71uux.jpg

http://i48.tinypic.com/2cwt07k.jpg
skype asks when I log in each time.
I would have no contacts from either russia or isa.

Only irish or english.


I turned on Skype again and immediately again got another popup from little snitch showing
------------------------
Skype
wants to accept an incoming connection from 2.198.37.244 on TCP port 50752

IP Address 2.198.37.244
Reverse DNS Name No Reverse Name


--------------------------------------
restarted it again and gave this one
Skype
wants to accept an incoming connection from 2.198.37.244 on TCP port 50752

IP Address 87.9.221.109
Reverse DNS Name host109-221-dynamic.9-87-r.retail.telecomitalia.it


Any ideas on why these seem be connecting from all over.
And it happens each time I login, not anyone talking to me.

Here is little snitch before open Skype
http://i46.tinypic.com/2viimxi.jpg

Processes:
http://i48.tinypic.com/24pju6a.png


Another question...

Is this a possible cause?
http://www.zdnet.com/new-mac-malware...pe-7000001665/

and
Can I do a OS overwrite but keep my files?
JamesP. is offline   0 Reply With Quote
Old Sep 26, 2012, 02:03 PM   #2
mrapplegate
macrumors 68030
 
Join Date: Feb 2011
Location: Cincinnati, OH
Quote:
Originally Posted by JamesP. View Post
Updated to ML 10.8.2

When i open Skype it try to allow incoming connection to port 57502.
Both times Little Snitch caught it.
Below are two images.

http://i49.tinypic.com/2r71uux.jpg

http://i48.tinypic.com/2cwt07k.jpg
skype asks when I log in each time.
I would have no contacts from either russia or isa.

Only irish or english.


I turned on Skype again and immediately again got another popup from little snitch showing
------------------------
Skype
wants to accept an incoming connection from 2.198.37.244 on TCP port 50752

IP Address 2.198.37.244
Reverse DNS Name No Reverse Name


--------------------------------------
restarted it again and gave this one
Skype
wants to accept an incoming connection from 2.198.37.244 on TCP port 50752

IP Address 87.9.221.109
Reverse DNS Name host109-221-dynamic.9-87-r.retail.telecomitalia.it


Any ideas on why these seem be connecting from all over.
And it happens each time I login, not anyone talking to me.

Here is little snitch before open Skype
http://i46.tinypic.com/2viimxi.jpg

Processes:
http://i48.tinypic.com/24pju6a.png


Another question...

Is this a possible cause?
http://www.zdnet.com/new-mac-malware...pe-7000001665/

and
Can I do a OS overwrite but keep my files?
I would just delete Skype and download it again. Did you download it from skype.com?
mrapplegate is offline   0 Reply With Quote
Old Sep 26, 2012, 02:38 PM   #3
munkery
macrumors 68020
 
munkery's Avatar
 
Join Date: Dec 2006
OS X/Crisis doesn't work in Mac OS X 10.8

http://www.intego.com/mac-security-b...go-virus-team/

Quotes from article:

Quote:
It does not run on the new Mountain Lion 10.8.
Quote:
This threat has not yet been found in the wild, and so far there is no indication that this Trojan has infected users so right now the threat is considered to be a low risk.
Given the purpose of Skype, these connections are most likely normal connections for it to function as intended.

I would recommend deleting Little Snitch because that type of firewall doesn't actually have that much utility beyond making users paranoid.

Any malware that installs with sufficient privileges has the ability to create an exception for itself in the firewall rules. Some examples of Mac malware have done this against Little Snitch in the past.
munkery is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Systems and Services > OS X > OS X 10.8 Mountain Lion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Chinese Security Team Exploits Safari Security Flaw at PWN2OWN MacRumors Mac Blog Discussion 30 Mar 17, 2014 01:12 PM
Apple Enforces Adobe Flash Player Security Upgrade with Updated Malware Definitions MacRumors Mac Blog Discussion 51 Feb 15, 2014 11:04 AM
Security Researchers Detail New Combination of Touch ID and iOS 7 Security Feature Bypasses MacRumors iOS Blog Discussion 66 Oct 7, 2013 07:49 PM
Security Issue, Possible Malware?? shah1 OS X 4 Oct 29, 2012 12:22 PM
AVG Security toolbar is saying MacRumors Forums contain malware Greencardman Site and Forum Feedback 5 Jul 14, 2012 05:25 PM

Forum Jump

All times are GMT -5. The time now is 05:01 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC