Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Flashback Trojan Returns With a Multi-Pronged Infection Strategy
- Thread starter MacRumors
- Start date
- Sort by reaction score
Thanks for the replies everyone.
I'm on Lion - and there was no certificate notification.
So I'm hoping I'm OK. But will be more careful in the future!
We are all going to be more careful in future but sensible practice will keep your Macs Malware free....My three have been unblemished (crosses fingers) and I have never felt the need for a third party AV AM solution ....It's one of the reasons I made the switch.
Wirelessly posted (Mozilla/5.0 (iPhone; CPU iPhone OS 5_0_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Mobile/9A405)
I just texted my mom: Be sure to keep your software updates current, don't run anything flagged for an invalid security certificate without checking with me first, and don't run anything claiming to be a Flash updater created by Apple as the real ones are made by Adobe. I'm hoping that's enough to get her covered until ML comes out. I guess you could always activate Gatekeeper for Lion...
jman240 said:
I just texted my mom: Be sure to keep your software updates current, don't run anything flagged for an invalid security certificate without checking with me first, and don't run anything claiming to be a Flash updater created by Apple as the real ones are made by Adobe. I'm hoping that's enough to get her covered until ML comes out. I guess you could always activate Gatekeeper for Lion...
Not necessary at all. FUD continues to be strong here.
By the way, where can I get this "virus"? The article doesn't explain. Is it gonna infect me from the air?
Fortunately for my parents, every time they see a shady pop up and have no effing clue what is, they call me and ask me before they click anything.
Those are the only two that I would recommend. For all the others I've read nothing but problems with ridiculous slow downs and kernel panics.
With ClamXav I just run it maybe once every couple weeks. It only runs manually so it doesn't slow down the computer in any way. It also gets updates frequently (which again you have to install manually). Never used Sophos but I've heard good things about it.
Over the two I'd recommend ClavXav as it's un-intrusive and only runs when you want it to.
http://www.macupdate.com/app/mac/15850/clamxav
Does Sophos detect this one yet?
Also, I could imagine being tricked into this one. As I work a lot with shared hosting platforms I would often see self-signed certs coming up and would routinely click the 'always trust' button. Not a good idea, of course, but proper SSL-capable hosting is much more expensive due to the requirement of a dedicated IP per domain name.
Why waste your time trying to explain? This point has been proved more than a billion times already, and people still come with the "security through obscurity ********"...
More than 50 MILLION Mac users, ZERO viruses, a handful of script kiddie trojans...even OS 9 with a much smaller market share had far more than that.
Intego is an antivirus maker, and it is in their best interests for their business to survive that viruses and trojans are out there.
I suspect that they're the ones writing these bugs or paying somebody to do it, so that people go buy their product.
It's funny how Intego is always the ones to mention about a new variant... It's never any other company, it's always them...
Think about it, if they want to sell a product that cleans viruses but there aren't any, how will their business succeed? Hence why I believe they're the ones writing the malware, because they're always the first to talk about new variants of known malware or even new malware. Other AV companies that make Mac AV products never talk about new malware, even though it's what makes their businesses work... but Intego is always talking about it.
I suspect that they're the ones writing these bugs or paying somebody to do it, so that people go buy their product.
It's funny how Intego is always the ones to mention about a new variant... It's never any other company, it's always them...
Think about it, if they want to sell a product that cleans viruses but there aren't any, how will their business succeed? Hence why I believe they're the ones writing the malware, because they're always the first to talk about new variants of known malware or even new malware. Other AV companies that make Mac AV products never talk about new malware, even though it's what makes their businesses work... but Intego is always talking about it.
Let's think like a malware author for a minute. Should I create malware that targets 90% of people and be alongside thousands of other malware applications which will make it harder to detect mine... Or should I write malware for 10% of the market, make less money from something that is illegal and risk quicker prosecution since I will get attention much quicker?
Since malware doesn't compete with other malware (people don't choose which virus/malware they will install) the "malware market share" argument doesn't really apply.
So yeah... the PC market share IS the reason why OSX has less malware than windows.
... wow how many times can I say malware in a post...
If you were on Snow Leopard then yes, no user interaction would be needed (if Intego is correct).
Open up Terminal and paste
Code:
ls -a /Users/Shared/.*.soIf anyone is truly concerned, there are free AV AM apps in the App store. All this talk has made me ever so slightly nervous....I have installed ClamAv a free scanner and AM app. I'm going to scan everything then I will relax again.
I use Sophos on both my iMac and my MBP. It works like a champ, and I highly recommend it. Usually, I have to manually update the AV definitions. Though that's not that big a deal, if you don't download questionable programs, attachments, content, etc.
One important note, if Sophos detects any malware, it will quarentine the offending file, but you will have to navigate to the file location and manually delete it. From what I've found, when Sophos detects a threat, it's due to some potential Windows malware.
As an additional precaution I NEVER click on links within e-mails.
I always go to the original site. Say, Adobe Flash pops up , Adobe reader pops up etc.
It takes a little longer to update, but so far it has been all good since 1984
I always go to the original site. Say, Adobe Flash pops up , Adobe reader pops up etc.
It takes a little longer to update, but so far it has been all good since 1984
Call me a cynic but I find it very very curious that a company whose main product is antivirus software is saying that having such software on your computer would protect you from this heinous malware.
Wirelessly posted (Mozilla/5.0 (iPhone; CPU iPhone OS 5_0_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A405 Safari/7534.48.3)
I consider Flash to be a trojan.
I consider Flash to be a trojan.
I use Sophos and have had no troubles with it. I have done runs with it deinstalled and then reinstalled and no noticeable slow downs or problems.
Plus it has detected items in Email attachments that unsuspecting colleagues have sent to me.
Hell, you could have 500,000 pieces of malware floating about, and you'd still never have to worry about it. Even in the windows scene, most of them go after old vulnerabilities that have long since been patched. As long as you're running some form of antimalware and update your OS regularly, your chances of catching any bugs is only a half step above nil.
Be the tiniest bit proactive, and don't be stupid. There you go. You're bug free.
Be the tiniest bit proactive, and don't be stupid. There you go. You're bug free.
And still potentially vastly less than what Windows gets. Especially when it comes to fresh new malware rather than rehashing of a handful of items.
Because Apple gets such major page hits on all issues no matter how slight, the blogs etc hype up the still rather rare bit of malware because it makes them money off the ads on the page. Whereas with Windows, such things are so common that folks brush it off and don't bother to follow the links en masse.
They also make terrible and unstable software and I wouldn't recommend even my worst enemy to install Intego on their Mac.