Thread: Potential Virus Threat

It's just a smug smile that says "I told you so..." for linux users....

James.

You Mac users hide your envy well. Don't worry. If Macs become common enough, someday, somebody will start making viruses for them too.

I attempted to recreate the attack. Same click sequence, no alarms. Am not yet sophisticated enough to find the logs and i will keep trying.
FYI, the alarms 'went off' when i arrived at the video's page. Had not clicked to download or view either version.
Gotta go now and run a complete scan

Originally Posted by Agamemnon

Don't worry. If Macs become common enough, someday, somebody will start making viruses for them too.

I do not doubt this. There are already some out there, though they are few and far between. Still, it is probably only a matter of time. And yes, I have a few Linux friends. If I weren't running a Mac, I would be running Linux.

Originally Posted by DRazz

I attempted to recreate the attack. Same click sequence, no alarms. Am not yet sophisticated enough to find the logs and i will keep trying.
FYI, the alarms 'went off' when i arrived at the video's page. Had not clicked to download or view either version.
Gotta go now and run a complete scan

Hey DRazz - what virus scanner are you using? If it's norton, there's a log file you can view under "reports".

James.

Oh well. The joys of the Microsoft hegemony!
I use an ISP supplied McAfee and anothet MS freebie - Windows Defender.
Neither log shows the attacks

It's certainly possible, but not as likely to gain traction.

It's not just the immunity by obscurity argument either. The underlying system is essentially FreeBSD UNIX, which is related to OpenBSD. OpenBSD, by many counts, is the most secure and stable network connected operating system in existence. It is used in many high volume and highly secured secured environments for this specific reason. Further, many related linux and UNIX variants borrow their security context from versions of OpenBSD. Virtually ALL the large, and highly hacker target'd sites including google, yahoo, etc... run some UNIX/Linux variation. The NSA apparently uses their own version of OpenBSD on their internal machines.

So, while it's possible, I think the success will be lower. Now, I do fully expect viruses/trojans, etc... Funny thing is, I expect them mainly from Windows technologies being run on these *nix boxes. Examples; ActiveX, MS Office, Exchange. Let's hope Apple is smart enough to stay the security course layed out for them by years of sysadmin experience.

For now, I don't feel the need to smirk. I just convert everyone I know to Mac whenever I can. Being a tech type, all my friends and family call me for computer support (kill me, please). I almost never get calls from the converts, excepting, 'how do I do this, I used to do it in Windows like this...'.

Cheers all - John

PS As of the software called Parallels being released, I have NO reason to boot up my home Windows PC. I can now run AutoCAD close to native in OS X.

Originally Posted by Agamemnon

You Mac users hide your envy well. Don't worry. If Macs become common enough, someday, somebody will start making viruses for them too.

Um, I had a rake of 5 trojans when I visited the video section. The remnants of one cannot be removed. That was about a month ago. I registered today and Sophos pulled me up on a single trojan when I tried to get the vid.

Just for your information.

BTW are you sure the virus is not in the directory that the vid is stored in rather than the vid itself?

Cheers

Mat

I've taken the videos off-line until I can get to the bottom of this. I'm sure there are no viruses and/or trojans, etc. in the files themselves or the directory they reside in. That's not surprising, nor does it mean there's not a problem. The sleeze bag hackers that worm their way into websites to infect them with nasties are much more clever than to make the trail that obvious.

PZBarber... you mentioned a Trojan... what did the message your virus checker put out say? Did it say that downloading such a file "could" contain a virus or trojan? Or did it explicitly state that the file DID contain a trojan? If so, what was it.

Here is an extract from my Sophos error log. These warnings popped up as soon as I tried to get the video.

Virus 'Troj/DownLdr-NO' has been detected in "C:\Documents and Settings........
Infected file "C:\Documents and Settings\MAT\Local Settings\Temporary Internet Files\Content.IE5\21JUP0ER\xpladv521[1].wmf" has been deleted.

Virus 'Troj/Psyme-DL' has been detected in "C:\Documents and Settings\MAT\Local Settings\Temporary Internet Files\Content.IE5\21JUP0ER\new521[1].htm". Cleanup unavailable.

Infected file "C:\Documents and Settings\MAT\Local Settings\Temporary Internet Files\Content.IE5\21JUP0ER\new521[1].htm" has been deleted.

Virus 'Troj/Wafer-B' has been detected in "C:\Documents and Settings\MAT\Local Settings\Temporary Internet Files\Content.IE5\8PMJU33I\slide521[1].htm". Cleanup unavailable.

Infected file "C:\Documents and Settings\MAT\Local Settings\Temporary Internet Files\Content.IE5\8PMJU33I\slide521[1].htm" has been deleted.

Hope this helps

Mat