Since when as this malware being known to affect OS X ?

Discussion in 'OS X Mavericks (10.9)' started by comics addict, Jan 15, 2014.

  1. comics addict macrumors 6502a

    Joined:
    Feb 16, 2013
    #1
    I currently run Sophos Anti-Virus for Mac Home Edition on my Mac running OS 10.9.1 and set it to make a complete scan of my main volume. And it red-flag this http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Ma l~Phish-A.aspx

    I have seen this malware before (tends to always sneak in on Mail which is my preferred e-mail client) but back then it would say that it was known malware for Windows. Now it shows that it affects Mac, iOS, Andriod, BlackBerry, Windows phone & Linux. That made me pause for a second but the kicker is that it refers to the place where it resides https://www.dropbox.com/s/85wrwtjdqgrbzgy/Screenshot 2014-01-15 19.22.18.png and it says Did I Click for the name from where the container is. And this is my main concern, I have an app that is called Did I Click, that I downloaded from the Mac App Store https://itunes.apple.com/us/app/did-i-click/id555241974?mt=12 but I am not tech-savvy enough to be sure. I did tell Sophos to show me the 'malware' in question and indeed it shows under its path to reside within Mail so I am not sure. What do you guys think ?
     
  2. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #2
    It is hard to tell since the full path (...) is not shown there. Can you go to the actual Mail path ~/Library/Mail/ and drill down to where is says and see if the file is there? It looks like it might be referring to a mail message.

    Code:
    ~/Library/Mail/
    Open Finder then hit shift-command-g and paste this in to get you started finding that folder.
     
  3. comics addict thread starter macrumors 6502a

    Joined:
    Feb 16, 2013
    #3
    Thanks for responding, Finder wouldn't pinpoint the file path directly even with that turn on under review, besides the fact that it showed that it was under mail. Seemed to be a e-mail or something by the looks of it. Did a little more research and found that it refers to a phasing scam via e-mail. I simply instructed Sophos to clean it up after I corroborated the file in question.
     

Share This Page