I just wondered if anyone has actually ever had a real crisis using a Mac ie a virus infection, back door, trojan, keylogger, ID theft etc etc
Personally, in the 15 years I've been online, I've only had one virus - that was on a PC running without AV and it took about 15 minutes to clean up.
I have, but I'm pretty sure it was a Java based trojan. Note this is going to be rather long winded as I'm bored and feel like going into great detail but the long and short of it is I got infected by a trojan through Java on my Powerbook which, isn't technically the Mac's fault but it's worth taking heed of given how out of dat ethe standard Apple installs of Java are on PPC OS X. As far as I'm aware you could get infected with one of those on any system running affected Java versions, just by visiting infected websites. I know the intrusion was on my Mac too, and not my PC, since I used a credit card to buy a pizza online with my Mac which I hadn't used for months anywhere else and low and behold about a week later someone tried to send money through Western Union with it for 400 quid. I suppose it's possible I lost the card info somewhere else, months prior, but my experience of these intrusions is they don't hang around once they get things like bank details or credit card info in case the intrusion is detected and the account details changed so I'm fairly "confident" it was the Mac that had the infection as a result.
I didn't lose any money incidentally since as with most credit cards I was protected against fraud but even so, I immediately wiped the Powerbook's HDD and reinstalled everything on it once I found out. I also now disable Java in the control panel and also in Safari on all three of my PPC Macs, since I don't need or use it anyway and quite frankly it's a security risk as far as I'm concerned. I don't know how effective turning it off in OS X actually is mind you, I'd much rather uninstall it but I don't think you can with OS X what with it coming essentially built-in with the OS (if I'm wrong about that I'd love to know how to get rid of it completely).
Oddly enough in the time I've used computers that was only the second time I've ever been infected by a trojan (well I presume it was a trojan). And while I'm not 100% sure if Java was the culprit, given this was actually in the days since Intel Macs came out I'd be surprised if it wasn't what with Java in 10.5.8 being outdated by several years at that point (think this happened around 2007/2008 maybe later).
The first time I was a victim of an infection was... Surprise surprise, a java incursion. On my PC. Now that really was a trojan. And yet again, I'd lost a credit card info to the bastards before I found out. This was in the days when Vista was still the main Windows OS and I didn't want to touch that with a bargepole, but I found XP to be too outdated, so I obtained myself a lovely copy of Windows Server 2003 R2 which, for all intents and purposes once you'd tweaked the hell out of it, was basically an updated and somewhat more secure version of XP Pro (and again onces tweaked to kingdom come it functions less like the server OS it was and more like it's consumer OS counterpart).
Believe it or not, I didn't run antivirus on that machine in the many years I used it. I didn't feel like I needed to. I didn't tend to surf dodgy wbesites and I felt I was pretty savvy when it came to downloading things. What I wasn't savvy about though was Java. I had it installed simply because I thought it was one of those things you needed to get a good experience out of web browsing, and maybe back in those days it was, but one day, I got the fraud alert on my credit card and suspicious I ran a free virus check on my computer and low and behold it found at least two Java files hidden away that it identified as trojans. I seem to recall at the time what was going on was some smart dick had found a flaw in Java that allowed to it automatically and in the background download these trojans, install them and let them run, but I think they only worked on your browser. Effectively spied on your browser use. Infected sites could otherwise be perfectly legitimate but if attacked could have code injected into them via SQL flaws or something, that's how legitimate sites could be infected.
Aannnnnyway, I cleaned the system and after that I installed Eset Smart Security on it and ever since then I've used either smart security of Nod32 on my PCs but I've never had an infection since (to my knowledge anyway) since like the Macs, I uninstalled Java and no longer touch it. if you want a laugh though get this for credit card fraud. So, the people that dump the infections don't tend to be th eones that use the cards, they're smart enough to know better (in most cases). What they do is sell the details on "black market" websites, and these days on the dark web most likely. Anyway clearly whoever bought my credit card details was not smart.
I found out about the fraud myself, not through my card company. I got a statement through and discovered I had had a payment sent to my account (not debited but credited, liek I'd had a refund or something) from an online casino. Turns out the idiot used my card to play online bingo or something, spent 50 quid, then won 100 quid. However what he didn't realise was winnings got paid back to the card you used to buy play time with, so I won 50 quid and my credit card company let me keep it.
It's probably one of the rare instances where a victim of credit card fraud actually benefited from it.
