Windigo ?

Discussion in 'Mac Basics and Help' started by Help404, Dec 3, 2015.

  1. Help404 macrumors newbie

    Help404

    Joined:
    Feb 3, 2011
    Location:
    France
    #1
    Hello,
    I try just for informations chrootkit on my el capitan. It said few days ago that windigo is in.
    Well, ok... I did some research and studies tell thats its on servers and you have to tape in Terminal:

    ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo “System clean” || echo “System infected”

    And I have “System infected”.

    Ok... Then I reinstalled El Capitan following what is recommended.
    And now I just do some research on Google just to find the command line, and I tried to not to be online during the install, I tried the command line and guess what? “System infected”!!
    What's wrong with that command line? Is it unix command? I am a few aware about command line in Linux but ssh -G i didn't know, and all that command line I don't understand very well what its expecting in a mac...
    Well should I be worried or no?
     
  2. Help404 thread starter macrumors newbie

    Help404

    Joined:
    Feb 3, 2011
    Location:
    France
    #2
    Someone can test this and tell if he/she has the system infected?
     
  3. s0nicpr0s, Dec 3, 2015
    Last edited: Dec 3, 2015

    s0nicpr0s macrumors regular

    s0nicpr0s

    Joined:
    Sep 1, 2010
    Location:
    Illinois
    #3
    My Linux machine is not infected.

    My mac does report as being infected. However, both of these systems have a different version of ssh. The mac supports an option called -G, where Lubuntu does not. So although it states that you're infected, I wouldn't worry about it currently.
     

Share This Page