Possible Mac Virus?

Discussion in 'General Mac Discussion' started by JBytes, Feb 16, 2005.

    I hope I didn't scare you folks with the alarming subject title. Here's the dilemma. A friend's brother uses Internet Explorer on her home G5 to access his work's web mail account, which is on a PC network [of course]. His account was suddenly disabled by the network Admin who claims that the G5 infected his PC network with a virus. I told my friend to tell her brother to tell this network "guru" that he's full of it. Before I give him a "friendly" call, I thought I'd bring up the subject here to get your valued opinions. Here's a little exchange between the Admin and the young man. All parties' names have been changed [I think]. Sorry for the lengthy message!

    The sister:

    Zak [the brother],
    When you have a chance, can you please ask Mr. Admin to get a bit more specific? Is there a virus name or a specific action that keeps occurring? It might also be helpful to let him know that I own a Mac G5...

    Mr. Admin: [After the above was forwarded to him]

    Have you used that PC to access your web-based e-mail?

    To which Zak replied:

    Hey Mr. Admin,
    I have used several PCs to access my web email. My sister’s computer is a “Mac” but I also use PCs at my school's computer lab.
    Look Mr. Admin, I don’t know much about computers, but what I do know is that not having access to my email has been quite frustrating. If there is any information you could share about this problem to help solve it as soon as possible that would be greatly appreciated. I really need to have my web email access reactivated.

    Mr. Admin fired back:

    I can tell you that over the course of one month, your sister’s computer “Goal-Trigger's-Computer” (MAC or whatever platform is used) has attempted to access your account and guess your password more than 500 times. The only course of action is for your sister to take the Mac to a professional for virus, worm, and hijack software removal. There is nothing I can do from my end but it is my responsibility to defend the company network from security attacks.
    I understand your frustration and as soon as that PC is cleaned I will open your account back up and check that the attacks do not happen again.

    ------------ End of exchange -----------

    Is the above scenario possible?

    I am mightily confused about what he is talking about. However, right now there is no way the G5 is causing that problem. Tell the Admin to sit on it....

    Apparently the individual has accessed their email via the school PC that might have had a virus/trojan and then the email account has been locked by the admin. The problem does not apply to Mac OS X. :)

    The admin states this in their statement to this individual. ;) :)
    How does the admin identify the computer that is trying to access the account? It is weird that he locked up that account if he identified the attack origin and did not disable that particular computer/IP or that IP network. Given the limited information, I am guessing some other computer may be trying to break in. If it's a virus/trojan, a keylogger might make more sense, rather than using force login.

    I would first ask the admin if he has a log of all those accesses. Match those logs with your friend's brother's schedule. If the admin says he doesn't have the log or keep it, mock him.
    The admin obviously doesn't know much about Macs, since he's making it out like it has a virus/worm. He probably sees stuff like that happen from PCs that are infected - and is just basing his arguments on those experiences.

    However, unless the admin is telling lies, it's clear there's something going on... based on what you've written here, it sounds more like someone is trying to hack into Zak's account from his sister's computer (and it could be a person with direct access to the computer, or someone who has managed to gain access to the computer remotely somehow). Either that, or Zak forgot his password 500 times in a month. ;)

    The only other far-fetched explanation I can think of is if Zak has some script that tries to automatically login and check email, but he accidentally gave the script the wrong login password.

