
The-Pro

Original poster
So I was on the Australian Apple website looking for a Genius Bar appointment 2 days ago, and today I clicked on the tab, which was still open, and it showed (screenshot attached). The webpage it displayed as being currently on was: gem-sol.in/mc/aus/ (see other screenshot)

Has anyone seen this before? And what's going on?

I let Malwarebytes do a system scan and it didn't find anything.

cheers
 

Attachments

  • Screen Shot 2017-02-15 at 16.27.48.png
  • Screen Shot 2017-02-15 at 16.27.44.png
Your brief experience may be related to these stories I was cruising... the catalyst for coming here to see if anyone here was talking about this.

PCWorld
ArsTechnica
It would seem that MacKeeper is implicated in the malware compromise being discussed in the linked articles.

I'm shocked. Shocked I tell you. ;)

Bitdefender will apparently have its way with it, if anything related to these discussions managed to get onto your system.
 
Which is why I was a bit freaked out. I read about that malware just earlier, but I don't have MacKeeper or that Komplex downloader or whatever.

"Our preliminary analysis shows most of the C&C URLs impersonate Apple domains." Hmmm, maybe that was it. I didn't click anything on that webpage, I screenshotted it and closed it. Did I get lucky??? :D

I'll have a look at Bitdefender, but I won't buy it unless I know I'm infected.
 
That is a scam website. You're probably not actually infected with anything.

If the only site you had loaded was Apple's site and this popped up from there, then that may mean you've got something bad installed, or it may be a problem with your network. I wouldn't worry about either of these things unless these pop-ups keep appearing, though.

Whatever's going on, it's unrelated to the new XAgent malware. Not only is this not something the XAgent malware does, but XAgent is dead at this point... its command & control servers are down.
 
I had probably 30 sites open, but the one I posted about replaced the Apple site.
Well, good to know it's most likely nothing and I'll leave it at that :D
Thanks!
 
Which is why I was a bit freaked out. I read about that malware just earlier, but I don't have MacKeeper or that Komplex downloader or whatever.

"Our preliminary analysis shows most of the C&C URLs impersonate Apple domains." Hmmm, maybe that was it. I didn't click anything on that webpage, I screenshotted it and closed it. Did I get lucky??? :D

I'll have a look at Bitdefender, but I won't buy it unless I know I'm infected.
There is a freeware scanning tool version of Bitdefender. There is also TrafficLight by Bitdefender, an extension for Safari available straight through the Apple App Store.
 