Mac OS X targeted by Trojan and backdoor tool
- Thread starter midijeep
- Start date
Rhisiart
Registered
In one report I read (and I am kicking myself for not making a note of the URL), the PC version of ClamXV is estimated to pick up only 48% of viruses. Whether this can be extrapolated to the Mac version is unknown.
The point is that I suspect that no anti-virus products can be 100% effective for all Window viruses. The same is probably true for Mac anti-virus packages, but given the comparatively pitifully low risk of virus infections in Apple computers, products like VirusBarrier and iAntivirus are only suitable for ludicrously paranoid users like myself.
However, in the not too far distant future.......
The point is that I suspect that no anti-virus products can be 100% effective for all Window viruses. The same is probably true for Mac anti-virus packages, but given the comparatively pitifully low risk of virus infections in Apple computers, products like VirusBarrier and iAntivirus are only suitable for ludicrously paranoid users like myself.
However, in the not too far distant future.......
Mikuro
Crotchety UI Nitpicker
There's a new variant out: http://www.macobserver.com/tmo/article/intego_warns_of_new_mac_trojan_horse/
Sounds basically the same.
Sounds basically the same.
I'm still not sure that these new versions are correctly identified and removed by the DNSChangerRemoval utiltiy. My client's computer has the obvious effect, i.e. that DNS is quite affected. However, none of the tools find anything wrong with the machine. I've checked and doublechecked all network settings. It's not the network itself, since for other computers in the same network, the problems don't exist. That's why I assumed (wrongly so, I guess by now) it could be a new form of the same attack.
I'll now check with a different user on the same computer. Worst case: I'll back things up and reinstall OS X. But I'd really rather solve the problem than work around it...
I'll now check with a different user on the same computer. Worst case: I'll back things up and reinstall OS X. But I'd really rather solve the problem than work around it...
ElDiabloConCaca
U.S.D.A. Prime
From the DNSChanger website, it appears that it only removes the original DNSChanger trojan and a couple of variants -- not the newest ones, unfortunately:
http://www.dnschanger.com/
The newest variant seems to be dubbed "OSX.RSPlug.E", which isn't covered by the removal tool (yet, I hope!).
http://www.dnschanger.com/
The newest variant seems to be dubbed "OSX.RSPlug.E", which isn't covered by the removal tool (yet, I hope!).
ElDiabloConCaca
U.S.D.A. Prime
The risk to you or I, who know better than to install suspicious codecs, is, in fact, infinitesimally small (nil, precisely) -- but to other, less experienced users, I believe the risk is quite real.
And for those to whom the risk is quite real, God bless you -- and I'd like to sell you some anti-virus software, cheap! [/sarcasm]
And for those to whom the risk is quite real, God bless you -- and I'd like to sell you some anti-virus software, cheap! [/sarcasm]
No, but since Leopard is over a year old, I guess most people are actually using it. 
... About the "infinitesimal" thing (why do you point it out to me like that *twice*, Doctor X?): What worries me is that two of my customers caught the bug that was removable with DNSChangerRemoval. I don't really _care_ whether they've used pr0n sites or not. It's their private right to do so. What I *do* know is that they _are_ average users. They're not stupid. But obviously, they *wanted* to view the video, so installing the software didn't seem so far off at the time of it happening. It's not something that startles you as a computer user. But I guess we've discussed that over and over already in various threads.
... About the "infinitesimal" thing (why do you point it out to me like that *twice*, Doctor X?): What worries me is that two of my customers caught the bug that was removable with DNSChangerRemoval. I don't really _care_ whether they've used pr0n sites or not. It's their private right to do so. What I *do* know is that they _are_ average users. They're not stupid. But obviously, they *wanted* to view the video, so installing the software didn't seem so far off at the time of it happening. It's not something that startles you as a computer user. But I guess we've discussed that over and over already in various threads.