|
|
Mac OS Viruses/bugs/etc: post your infections
|
|
|
|
Fresh-Faced Recruit
Join Date: Aug 2005
Location: NJ
Status:
Offline
|
|
OK...I was thinking of posting this as I woke up this morning. When I checked the forum, I saw the post below (Put Up Or Shut Up: No Viruses On OSX), and was going to add this comment to that thread, but it looks like it developed into a semantic discussion on "perfect" code (which is fine by me, but beyond the present topic). That said, read on...
I ran Norton the other night on my hard drive and was a little displeased (and disturbed) at its findings (check the picture below.) My questions are:
1. What is up with this stuff (and what's the worst that can come of it)?
2. What sketchy things have you found on your HD?
[removed oversize image --tooki]
(
Last edited by tooki; Oct 3, 2005 at 10:37 AM.
)
|
|
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Jul 2005
Location: Planet Express
Status:
Offline
|
|
I've had that. It's not OS X specific for viruses, just java which any machine can get. That's why I set my java prefs to not cache anything.
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Jan 2003
Location: ~/
Status:
Offline
|
|
This is going to be a lonely thread. There are no known MacOS X viruses/trojans in the wild.
If you experience odd behavior on your Mac, its NOT from a virus.
|
|
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Aug 2005
Location: NJ
Status:
Offline
|
|
Originally Posted by Cadaver
There are no known MacOS X viruses/trojans in the wild.
"Known" would be the key word there...
|
|
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Nov 2002
Status:
Offline
|
|
Originally Posted by Dark Sailor
"Known" would be the key word there...
The antivirus companies are clearly desperate for OS X to have a virus. I'm sure if there *were* any in the wild, they would be pouncing on it and letting us know in know uncertain terms. Therefore I think it is safe to assume that no "Known" viruses is basically no viruses.
Quite frankly the scare tactics they have been using are disgusting, and the fact this thread exists at all shows that unfortunately they have not been entirely ineffective.
|
"The giant Grof was hit in one eye by a stone, and that eye turned inward so that it looked into his mind, and he died of what he saw there" -- The Forgotten Beasts of Eld, Patricia A. McKillip
|
|
|
|
|
|
|
|
Banned
Join Date: Jun 2003
Status:
Offline
|
|
My Mac was once infected by something called Norton.
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Dec 2000
Location: Northern California
Status:
Offline
|
|
Haha, well put.
I ran ClamXav the other day, did a deep scan and it found some "virus" files in my Java cache. Seems that's the extent of it, at this point in time.
|
Mac OS X 10.5.0, Mac Pro 2.66GHz/2 GB RAM/X1900 XT, 23" ACD
esdesign
|
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Jul 2005
Status:
Offline
|
|
|
"I cluck, therefor I am."
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Jan 2003
Location: 127.0.0.1
Status:
Offline
|
|
Sevendust, 1998, Mac OS 8.1.
It wasn't really a virus either; just a rogue extension.
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Nov 2001
Location: Trafalmadore
Status:
Offline
|
|
Originally Posted by Dark Sailor
"Known" would be the key word there...
If there was one, even the hint of a real one, it would be well "known".
|
|
|
|
|
|
|
|
|
Professional Poster
Join Date: Jul 2005
Location: Winnipeg, MB
Status:
Offline
|
|
Wait now really you COULD try and install a virus and see if it ran in Classic
|
|
|
|
|
|
|
|
|
Forum Regular
Join Date: Dec 2001
Location: Ft Laud, FL USA
Status:
Offline
|
|
Originally Posted by Cadaver
If you experience odd behavior on your Mac, its NOT from a virus.
But it might have been hacked. We just found out that our xServer has been compromised, still investigating how this happend. No damaged done, but one of the user accounts was acting odd and after some sniffing around it seems someone was trying to install UNIX scripts on the box. These attempts were unsuccessful, but that fact they got in is bit upsetting.
I've only had to deal with ONE Mac virus in the 15 years...
The "Autostart" worm!
Read more at http://www.macintouch.com/hkvirus.html
The only damage was it kept coping itself over the network thus slowing things down to a crawl. The problem was every disk you mounted got the worm, so it took several weeks of scanning each Syquest removable (remember those?) before we killed all the copies. Even months later we would run into an old disc from a vendor that was still infected.
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Jan 2003
Location: ~/
Status:
Offline
|
|
Originally Posted by JMII
But it might have been hacked. We just found out that our xServer has been compromised, still investigating how this happend. No damaged done, but one of the user accounts was acting odd and after some sniffing around it seems someone was trying to install UNIX scripts on the box. These attempts were unsuccessful, but that fact they got in is bit upsetting.
I used to run a very lightweight webserver from a PowerMac G4 (MacOS X 10.3.x client). While I saw in the log lots of SSH, FTP, odd URLs, etc., attempts at access, none were successful. Used to get port-scanned constantly since it was running a static IP address at a big-10 university. I suppose it was at some risk, since I needed ssh/remote access enabled for that machine for me to do other things on it from home - and someone could have potentially guessed/bruteforced my admin username & password, the odds of that were very slim (essentially random alphanumeric and non-alphanumeric characters for each). I'd be more apt to blame a user with a simple name/password than a flaw in OS X that would allow someone to install & execute shell scripts from the outside.
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Jan 2003
Location: ~/
Status:
Offline
|
|
Originally Posted by Dark Sailor
"Known" would be the key word there...
And if you're the first person to acquire the first previously unknown actual MacOS X virus, then you've got other problems than simply the virus...
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|