Page 2 of 3 FirstFirst 123 LastLast
Results 21 to 40 of 47

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: New Macintosh Trojan Disables Apple Anti-Malware

  1. #21
    Quote Originally Posted by AfterMercyFM View Post
    I thought I infected my MBP with it since the Adobe Flash wanted to update a few times. I thought it was strange at the time but updated anyway. When I read this post I figured I infected my computer and went to look for the string of code in the .plist for Safari but couldn't find it. Does that mean I'm not infected or what? Also, I installed LittleSnitch, which if I do have the trojan it would be too late anyhow, but now I can't quit or uninstall it. Amidoinitrong? :no idea:

    EDIT: Found the uninstaller option in the .dmg but still unsure if I'm infected.
    if it looked like that standard adobe AIR style installer, then you're fine. this looks like a pkg installer. I thought it did the same thing when I read this.


    Twitter: @tshoults

  2. #22
    iPhone? More like MyPhone maddawg05's Avatar
    Join Date
    Jan 2009
    Location
    Orlando
    Posts
    241
    Thanks
    5
    Thanked 10 Times in 8 Posts

    Quote Originally Posted by akafred View Post
    but but mac's dont get viruses!! i was lied to!!! lol proves that any OS has vulnerabilities, and the dumber the user the more likely to get affected..
    Never was a vulnerability question but more were written for the more popular counter part...windows.

  3. #23
    Quote Originally Posted by akafred View Post
    but but mac's dont get viruses!! i was lied to!!! lol proves that any OS has vulnerabilities, and the dumber the user the more likely to get affected..
    Someone didn't read the article lol. Like the article said, there has been no VIRUS for Mac to date! Only Trojans, which is different!!!

  4. #24
    The screen for the offical installer for Flash from Adobe:

    -adobe-flash-player-10_3.jpg


    The screen for the trojan flash:

    -flashback_c_installer.jpg

  5. The Following 2 Users Say Thank You to Cer0 For This Useful Post:

    moon#pie (10-19-2011), raduga (10-19-2011)

  6. #25
    Thanks cer0

  7. #26
    To date, there has never been a successful virus launch for Mac OS X.
    You can keep saying that if it makes you feel better.

    However, the main reason classical viruses haven't been a problem for OS X is not because its magically immune, but because classical viruses are boring and offer such limited value per h4x, hardly anyone writes new viruses anymore.

    worms, bots, trojans and BHOs are what all the cool kids are doing these days, and the number of these that target OS X is rising...
    Last edited by raduga; 10-19-2011 at 07:39 PM.

  8. #27
    Green Apple
    Join Date
    Nov 2007
    Location
    Perth, Wa, Australia
    Posts
    83
    Thanks
    7
    Thanked 4 Times in 4 Posts

    Good, anti-virus on a mac is useless anyway

  9. #28
    Quote Originally Posted by raduga View Post
    You can keep saying that if it makes you feel better.

    However, the main reason classical viruses haven't been a problem for OS X is not because its magically immune, but because classical viruses are boring and offer such limited value per h4x, hardly anyone writes new viruses anymore.

    worms, bots, trojans and BHOs are what all the cool kids are doing these days, and the number of these that target OS X is rising...
    Nothing was mentioned saying that Mac OS X was, "magically immune" to viruses. Be careful in using irrelevant facts not present in the details given to misconstrue and over-think something. The other examples you gave were mentioned in my writing saying that they are not viruses. So the fact that they're rising in numbers doesn't make them any more relevant to that statement, "magically immune."

  10. #29
    Green Apple MrNewbdude's Avatar
    Join Date
    Dec 2010
    Posts
    52
    Thanks
    2
    Thanked 2 Times in 1 Post
    So if I purchase "Little Snitch" will it prevent Trojans like this from harming me all together, even if I accidentally do key in my password? Reading the F-Secure instructions for removing the Trojan it says:
    On installation, the installer first checks if the following file is found in the system:/Library/Little Snitch/lsdLittle Snitch is a firewall program for Mac OS X. If the program is found, the installer will skip the rest of its routine and proceed to delete itself.
    Does that mean it would self-delete prior to doing any damage? That's how it sounds to me, can anyone clarify please?Thanks,

  11. #30
    Quote Originally Posted by MrNewbdude View Post
    So if I purchase "Little Snitch" will it prevent Trojans like this from harming me all together, even if I accidentally do key in my password? Reading the F-Secure instructions for removing the Trojan it saysoes that mean it would self-delete prior to doing any damage? That's how it sounds to me, can anyone clarify please?Thanks,
    It won't prevent them. The trojan just deletes itself after it harms your computer to hide the fact that it was ever there.

  12. #31
    Quote Originally Posted by Cer0 View Post
    The screen for the offical installer for Flash from Adobe:

    -adobe-flash-player-10_3.jpg


    The screen for the trojan flash:

    -flashback_c_installer.jpg
    Thank you so much!





  13. #32
    Quote Originally Posted by Anthony Bouchard View Post
    Nothing was mentioned saying that Mac OS X was, "magically immune" to viruses. Be careful in using irrelevant facts not present in the details given to misconstrue and over-think something. The other examples you gave were mentioned in my writing saying that they are not viruses. So the fact that they're rising in numbers doesn't make them any more relevant to that statement, "magically immune."
    The point is that viruses (in the strict sense) aren't much of a threat anyone these days, unless they're running Classic Macs or pre-SP2 Windows PCs. The things that do threaten modern Windows machines, however, very much threaten modern Macs as well.

    Arguing about classical viruses is only of historical interest, unless you regularly dig through piles of floppy disks. Your Mac today faces the same risks and the same threats and same dangers as any internet-capable PC, barring extensive mitigation (on the level of iOS). I wouldn't much care, but posting articles that encourage other users to be careless and foolish makes more (and more annoying) work for the guys who have to clean up security incidents.

  14. #33
    Quote Originally Posted by raduga View Post
    I wouldn't much care, but posting articles that encourage other users to be careless and foolish makes more (and more annoying) work for the guys who have to clean up security incidents.
    My article encourages Mac users to be careful of what they download and to take measures of precaution when executing disk images. It doesn't encourage foolish mistakes or careless behavior.

  15. #34
    Livin the iPhone Life BenderRodriguez's Avatar
    Join Date
    Apr 2008
    Location
    The Future
    Posts
    2,139
    Thanks
    108
    Thanked 239 Times in 197 Posts

    Thanks for the info good article

  16. #35
    What's Jailbreak?
    Join Date
    Feb 2011
    Location
    toronto
    Posts
    20
    Thanks
    0
    Thanked 0 Times in 0 Posts

    how do i scan ? because i just updated my adobe flash player and im worried as hell now

  17. #36
    My iPhone is a Part of Me luvmytj's Avatar
    Join Date
    Jul 2008
    Location
    New York
    Posts
    705
    Thanks
    32
    Thanked 75 Times in 61 Posts

    Little Snitch comes through again! I installed LS over a year ago and love it. Now it may have saved me from installing malware. I highly recommend Little Snitch to all Mac users. It tracks every connection in and out and lets you decide if you want to allow it.

  18. #37
    Quote Originally Posted by luvmytj View Post
    Little Snitch comes through again! I installed LS over a year ago and love it. Now it may have saved me from installing malware. I highly recommend Little Snitch to all Mac users. It tracks every connection in and out and lets you decide if you want to allow it.
    LittleSnitch does not protect you from this trojan. The trojan executes, ruins your system, AND THEN deletes itself.

    Quote Originally Posted by Waaasobe View Post
    how do i scan ? because i just updated my adobe flash player and im worried as hell now
    Just follow the instructions at the end of my article to see if you've been infected.

  19. #38
    What's Jailbreak?
    Join Date
    Feb 2011
    Location
    toronto
    Posts
    20
    Thanks
    0
    Thanked 0 Times in 0 Posts

    ^ yea i dont get it , im not all that tech savy if im honest i just got confused

  20. #39
    Quote Originally Posted by spazturtle View Post
    .dmgs are disk files not executable files.
    Yeah I know. Anthony was referring to .dmg's as executables
    Quote Originally Posted by ikesmasher View Post
    that was officially the scariest thing you have ever said str4y.
    Quote Originally Posted by Pancho paco View Post
    Dude T.M.I

  21. #40
    Quote Originally Posted by Anthony Bouchard View Post
    LittleSnitch does not protect you from this trojan. The trojan executes, ruins your system, AND THEN deletes itself.
    In this case LittleSnitch does stop it.

    To complete its installation/infection, Flashback.C requires the user to key in the administrator password.

    On installation, the installer first checks if the following file is found in the system:

    /Library/Little Snitch/lsd
    .

    Little Snitch is a firewall program for Mac OS X. If the program is found, the installer will skip the rest of its routine and proceed to delete itself.
    Source: Threat Description: Trojan-DownloaderSX/Flashback.C

    So if the trojan sees that littlesnitch is installed, which is the first thing it does, it willgo no further and delete itself. Basically it will not move on to any othe rline of code.

    Quote Originally Posted by Anthony Bouchard View Post
    The trojan executes, ruins your system, AND THEN deletes itself.
    Also as of right now it doesn't ruin your system. You are just infected awaiting further instructions as your info is being passed along.
    Last edited by Cer0; 10-19-2011 at 09:42 PM.

  22. The Following User Says Thank You to Cer0 For This Useful Post:

    Anthony Bouchard (10-19-2011)

Page 2 of 3 FirstFirst 123 LastLast
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •