or Connect
New Posts  All Forums:

Posts by adamw

Should be good. May learn a bit about Steve.
A new Mac trojan has just been identified. It was released into the wild about March 16th, and uses the same Java exploit to gain access and infect Macs. More info: http://www.zdnet.com/blog/security/n...eraction/11545 Look for the following 2 files being present to detect infection: /Library/Preferences/com.apple.PubSabAgent.pfile /Library/LaunchAgents/com.apple.PubSabAGent.plist This trojan reportedly does the following to a Mac: "After infecting a given Mac, this...
I was thinking the same thing the other day. Little Snitch would be a cheap investment for Apple to make to ensure users were more comfortable about what programs were attempting to send data out over the Internet. Little Snitch saved me after I installed it, after I was infected with this Flashback trojan, as it found several variants of Flashback still lurking around on my Mac.
I commend Apple for releasing this standalone Flashback trojan removal tool, for people who do not have Java installed (on Lion). This should help take some of the confusion and frustration away. Thank you Apple.
I thought that I was being cautious too, but I still got infected with this trojan.This Flashback trojan has several variants, some of which were recently released. The "Terminal removal detection and removal instructions" and the list of programs that the trojan would refuse to install upon detecting is outdated in my opinion, as confirmed by so many people that thought "they were clean" of this trojan, yet Apple's latest Java update notified them that it had detected and...
I was infected via the Java vulnerability. I used the manual Flashback trojan removal instructions, was reported as infected, and uninstalled the files F-secure recommended. Re-ran the instructions twice and came up clean. Later, someone recommended I try Little Snitch and I installed, and immediately found 2 infected program files trying to send data out to suspicious web sites. Googled the file names and found other Mac users had these same files with the trojan also, so...
I was initially infected by this Flashback trojan on my Mac, and even the manual removal instructions did not get all of the trojan's files, which still tried to send info out over the Internet, but thanks to the Little Snitch app for finding these rogue infected files. I have installed this Java update with no problems. I hope I never see this trojan again on my Mac!
Thanks for the extra information about removing the trojan... Here is a new report which finds that a secondary source, Kaspersky Labs, has also verified the 600,000+ figure of Macs infected with this trojan. They did testing to confirm Dr. Web's initial reporting of the trojan's number of infected Macs. Very interesting. They say 1% of Macs are infected with this trojan. http://www.zdnet.com/blog/bott/secon...lashback/4737?
Since I found I was infected with this yesterday and removed it, I was told to download the "Little Snitch" app, which I googled and installed the 3 hour demo of. I thought my system was clean of this trojan, as I followed the F-Secure removal instructions, but it appears this trojan installs other stuff once it gets in (via the Java exploit). Little Snitch informed me that a file named .rserv (~/.rserv) in my Users directory on my Mac was trying to connect to...
As a person whose Mac was infected under Lion by this trojan, and removed it yesterday, I sure would like to know more about why Apple included another Java update 2 days after the first one. Edit: Since posting, I have found what was changed by Apple in this new Java update. This is from Apple's Java mailing list: Java developers, Today we re-shipped our Java 1.6.0_31 for OS X Lion today to address a critical issue we found in Xcode and the Application Loader tool....
New Posts  All Forums: