Dear all

Thanks for the replies. Special thanks to Satcomer - I had not heard of EtreCheck and have now included it in my collection of helpful stuff.

I overcame my problem by going to google for my mail services. We already had Google Apps for Education happening but had not decided to use their mail option until this happened.

So, some things to think about. I believe my attack was sophisticated in that the payload being relayed was organised to scrape under our filtering. The offending traffic was intranet based. The malware relied on the ability of the mail app to relay the mail. Individual users had no idea that their mail client was being used to relay mail unless they were using Avira which popped up when one of the offending mails included recognised malware.

As soon as any interest was shown in a machine, it was no longer used to relay. This was as simple as using the web mail client for a number of hours.

The hit list included some members of our domain but the addresses included people who had left many years ago. It looked as if the addresses were from the Adobe and LinkedIn data breaches.

I would love to know how they have the mail app working - this is on El Capitan and Yosemite computers.

Plus go to Apple - My Apple ID sign in and CHANGE your password immediately!
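The relay behaviour described in the post above (intranet hosts quietly submitting mail to long lists of stale addresses) is usually easiest to spot on the mail server rather than on the individual Macs. The following is an added example, not code from the thread or from any product mentioned in it: it reads constructed Postfix-style submission log lines, ties each queue ID back to the submitting intranet client, and flags clients whose recipient fan-out is out of line. The INTERNAL_NETS ranges, the OWN_DOMAIN placeholder, the sample lines and the thresholds are all assumptions for illustration.

```python
"""Flag intranet hosts that are relaying abnormal volumes of outbound mail.

Added example for this thread; assumes a Postfix-style log where smtpd logs
'client=host[ip]' and smtp logs 'to=<addr>' under the same queue ID.
"""
import re
from collections import defaultdict

INTERNAL_NETS = ("10.", "192.168.")   # assumption: intranet ranges to watch
OWN_DOMAIN = "school.edu"            # assumption: placeholder for your own domain

# Constructed sample lines (not from the original thread).
SAMPLE_LOG = """\
Mar  3 09:00:01 mx postfix/smtpd[2001]: A1B2C3: client=lab-12.school.local[10.10.4.12]
Mar  3 09:00:01 mx postfix/qmgr[2002]: A1B2C3: from=<teacher@school.edu>, size=2048, nrcpt=1 (queue active)
Mar  3 09:00:02 mx postfix/smtp[2003]: A1B2C3: to=<parent@example.com>, relay=example.com[93.184.216.34]:25, status=sent (250 ok)
Mar  3 09:00:05 mx postfix/smtpd[2001]: D4E5F6: client=lab-07.school.local[10.10.4.7]
Mar  3 09:00:05 mx postfix/qmgr[2002]: D4E5F6: from=<student@school.edu>, size=51200, nrcpt=7 (queue active)
Mar  3 09:00:06 mx postfix/smtp[2003]: D4E5F6: to=<old1@example.net>, relay=example.net[93.184.216.34]:25, status=sent (250 ok)
Mar  3 09:00:06 mx postfix/smtp[2003]: D4E5F6: to=<old2@example.org>, relay=example.org[93.184.216.34]:25, status=sent (250 ok)
Mar  3 09:00:06 mx postfix/smtp[2003]: D4E5F6: to=<alumni@school.edu>, relay=local, status=bounced (user unknown)
Mar  3 09:00:07 mx postfix/smtp[2003]: D4E5F6: to=<x@mail.example>, relay=mail.example[93.184.216.34]:25, status=sent (250 ok)
Mar  3 09:00:07 mx postfix/smtp[2003]: D4E5F6: to=<y@example.com>, relay=example.com[93.184.216.34]:25, status=sent (250 ok)
Mar  3 09:00:07 mx postfix/smtp[2003]: D4E5F6: to=<z@example.co.uk>, relay=example.co.uk[93.184.216.34]:25, status=sent (250 ok)
Mar  3 09:00:08 mx postfix/smtp[2003]: D4E5F6: to=<w@example.net>, relay=example.net[93.184.216.34]:25, status=sent (250 ok)
Mar  3 09:00:09 mx postfix/smtpd[2001]: FFFFFF: client=unknown[203.0.113.9]
Mar  3 09:00:10 mx postfix/smtp[2003]: FFFFFF: to=<someone@example.com>, relay=example.com[93.184.216.34]:25, status=sent (250 ok)
"""

CLIENT_RE = re.compile(r": (?P<qid>[0-9A-F]+): client=\S+\[(?P<ip>[\d.]+)\]")
RCPT_RE = re.compile(r": (?P<qid>[0-9A-F]+): to=<(?P<rcpt>[^>]+)>")


def parse_relay_log(text):
    """Return {client_ip: set(recipients)} for messages submitted by intranet clients.

    Pass 1 learns queue ID -> submitting client; pass 2 attributes each
    recipient to that client. Submissions from non-intranet IPs are ignored.
    """
    qid_to_ip = {}
    rcpts = defaultdict(set)
    for line in text.splitlines():
        m = CLIENT_RE.search(line)
        if m:
            if m["ip"].startswith(INTERNAL_NETS):
                qid_to_ip[m["qid"]] = m["ip"]
            continue
        m = RCPT_RE.search(line)
        if m and m["qid"] in qid_to_ip:
            rcpts[qid_to_ip[m["qid"]]].add(m["rcpt"].lower())
    return dict(rcpts)


def flag_relays(rcpts, max_recipients=5, max_domains=3):
    """Flag clients whose distinct-recipient or distinct-domain fan-out exceeds a threshold.

    Thresholds are assumptions; tune them to a normal day's traffic for the site.
    """
    flagged = {}
    for ip, addrs in rcpts.items():
        domains = {a.rsplit("@", 1)[-1] for a in addrs}
        external = {a for a in addrs if not a.endswith("@" + OWN_DOMAIN)}
        if len(addrs) > max_recipients or len(domains) > max_domains:
            flagged[ip] = {
                "recipients": len(addrs),
                "domains": len(domains),
                "external": len(external),
            }
    return flagged


if __name__ == "__main__":
    for ip, stats in flag_relays(parse_relay_log(SAMPLE_LOG)).items():
        print(f"{ip}: {stats}")
```

On the sample data only 10.10.4.7 is reported (seven recipients across six domains, one of them a bounced address at the school's own domain), while the single-recipient lab machine and the non-intranet client are left alone. Running this over a day of real logs gives a short list of machines to pull for EtreCheck and a closer look, and the bounced "user unknown" recipients are a cheap way to confirm the address list is stale rather than a current directory.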
 
So...the "conclusion" to this is that it was "some sort of infection"? That's disappointingly vague and would be considered, in the OP's own viewpoint, "a failure". Not my viewpoint, though.

Not mentioned before is the possibility that the client with the original issue, the printing company who doesn't have copies of or receipts for a significant amount of their expensive software, was using pirated versions of some of this software and with pirated software comes a security risk (it wouldn't be the first time).

Also, as a list of what malware existed on the client's Mac was never posted, reviewing this thread as it stands now will be absolutely no help to anyone in the future.
 
Dear Satcomer

Can you please join some dots for me here - what is the issue with the Apple ID?

BrianBaughn, if I knew what the malware was, I would gladly share that with you. Avira and ClamXav have found nothing on the computers apart from the malware that is being relayed/injected/posted.

The only reference on the web that looks vaguely like my problem is this one:

https://discussions.apple.com/thread/4236150?start=0&tstart=0
 
To spell things out: that Apple link controls iCloud and email/contacts sync! If his password was hacked then change your online password ASAP, since the hack could get his current password!
 