Re: mac trojan in-the-wild

["Aryeh Goretsky (home)" <goretsky () gmail com>]

Hello,

Sadly, it is not this I am worried about, but the emails which are
going to follow it claiming to from Apple's technical support and/or
security group, advising the user to run the special security patch
which just happens to be attached attached to the message in order to
fix the security hole used by this trojan.  And, of course, it cannot
be provided via normal patching mechanisms since if the trojan is present
it blocks the patch from being downloaded, et cetera.

Regards,

Aryeh Goretsky




At 05:16 PM 10/31/2007, you wrote:

> From: Gadi Evron <ge () linuxbox org>
> Precedence: list
> MIME-Version: 1.0
> To: funsec () linuxbox org
> Date: Wed, 31 Oct 2007 17:07:56 -0500 (CDT)
> Message-ID: <Pine.LNX.4.62.0710311707420.2303 () linuxbox org>
> Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
> Subject: [funsec] mac trojan in-the-wild
> Message: 1
>
> http://sunbeltblog.blogspot.com/2007/10/screenshot-of-new-mac-trojan.html
> http://sunbeltblog.blogspot.com/2007/10/mackanapes-can-now-can-feel-pain-of.html
>
>         Gadi.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.