Vulnerability OS X from inside a home network?

Discussion in 'macOS' started by Oceanborn, Jul 1, 2013.

  1. Oceanborn macrumors newbie

    Joined:
    Jun 20, 2010
    #1
    Hi all,

    a security question: my girlfriend picked up two JS/blacoleref.dd trojans on her work computer while using it at home. They were detected in the temp internet files by her virusscanner (Forefront Endpoint protection I think). I immediately clicked the option to remove them.

    I do not know if they were detected 'real time' (realtime protection was on) or if a scheduled system scan found them. I therefore do not know how long they've been on her computer and if they have been active or not. Her companies ICT department took a quick look (no in-depth investigation) and concluded there was no problem as the trojans were detected by the virus scanner and the antivirus gave the system a 'protected' rating.

    I know that with careful internet behavior (which I'm doing) a Mac user is generally quite safe from external threats. My girlfriends computer has been on the same network as my MacBook (OSX 10.8) however through a modem/router with the option for 'devices on the network able to communicate' with eachother activated.

    I know nothing about vulnerability from the inside of a trusted home network however, and find myself still quite worried as the ICT guy didn't do any checks really (admittedly I'm somewhat paranoid in this department).

    Could my computers security be compromised (e.g. malware installation) and how could I check for that?

    I am using Mac OSX10.8 (with Norton internet security) and windows 7 on bootcamp.

    Many thanks for your help!
     
  2. LoMonkey macrumors regular

    Joined:
    Jul 4, 2008
    #2
    Have you considered that it was the user and not the computer? Perhaps she picked up the trojans doing something she shouldn't have been (downloading illegal music/apps), and a side-effect is that it opens up her network sharing to possibly infect other computers. Kinda spit-balling here.

    Also, there is a well-known JAVA vulnerability in OS X. Have you updated lately?
     
  3. Oceanborn, Jul 1, 2013
    Last edited: Jul 1, 2013

    Oceanborn thread starter macrumors newbie

    Joined:
    Jun 20, 2010
    #3
    Thanks for your reply.

    I am 100% sure that this wasn't the case as she doesn't do that. Needs to have been picked up during regular web surfing. She also doublechecked with her ICT department. They indicate that Forefront should have picked up on the Trojans the moment they were downloaded (real time). Strange thing is that we were on maps.google.com when the security pop-up came on screen.

    Have installed an automatic software update on my Macbook a few days before the Trojans were detected on her computer. Have not updated Java separately though.
     
  4. Dalton63841 macrumors 65816

    Dalton63841

    Joined:
    Nov 27, 2010
    Location:
    SEMO, USA
    #4
    By definition you don't have to worry about it UNLESS you have clicked on something that you were unsure of. Unix permissions prevent malware from executing on the system. On unix based systems, malwares have to trick you into giving them permission to execute. If you haven't seen anything out of the ordinary, don't worry.
     

Share This Page