malware - Jacob Salmela

malware

A collection of 8 posts

Automatically Change .om to .com To Prevent Malware

Automatically Change .om to .com To Prevent Malware

Malcontents are sneaky. In their latest ploy, they are counting on you misspelling “.com” [https://www.intego.com/mac-security-blog/type-a-url-wrong-and-you-might-end-up-with-malware-on-your-mac/] so they can send you to one of their fake domains. So instead of going to netflix.com, you end up at netflix.om–a phony site determined to infect

Prevent Ransomware By Automatically Finding The Checksum Of Downloaded Files

Prevent Ransomware By Automatically Finding The Checksum Of Downloaded Files

Apple has already shut down the ransomware [http://techcrunch.com/2016/03/07/apple-has-shut-down-the-first-fully-functional-mac-os-x-ransomware/?ncid=rss] found in the Transmission torrent client. You can easily prevent this from happening to you in the future by adding a Hazel rule to your downloads folder, which will automatically determine the checksum, so

Detecting Wirelurker Malware

Detecting Wirelurker Malware

[UPDATE] It appears the command and control infrastructure has been neutralized [http://threatpost.com/wirelurker-mac-os-x-malware-shut-down/109204]. Palo Alto has already written a script that will detect [https://github.com/PaloAltoNetworks-BD/WireLurkerDetector/blob/master/WireLurkerDetectorOSX.py] the Wirelurker malware. [http://researchcenter.paloaltonetworks.com/2014/11/wirelurker-new-era-os-x-ios-malware/] It basically scans for the

Roll-you-own Ventir Trojan Detector for OS X

Roll-you-own Ventir Trojan Detector for OS X

Get Alerted If Your Computer Gets Infected With The Ventir Trojan With this trick, you can get alerted if your system gets infected and then take steps to manually neutralize it. The Ventir Trojan [http://www.intego.com/mac-security-blog/ventir-trojan-intercepts-keystrokes-from-mac-os-x-computers/] is a keylogger, which means all of your keystrokes are

Roll-your-own Defense Against Mac.BackDoor.iWorm

Roll-your-own Defense Against Mac.BackDoor.iWorm

[UPDATE]: Advanced settings added below Get Alerted If Your Computer Gets Infected When the Mac.BackDoor.iWorm [http://news.drweb.com/show/?i=5977&c=5&lng=en&p=0] malware gets installed via pirated software, your computer and becomes part of a botnet. While you may not be able

Roll-your-own Protection From A New Malware Called XSLCmd

Roll-your-own Protection From A New Malware Called XSLCmd

A nasty piece of malware [http://www.fireeye.com/blog/technical/malware-research/2014/09/forced-to-adapt-xslcmd-backdoor-now-on-os-x.html] on OS X is XSLCmd [http://www.macworld.com/article/2603440/cyberespionage-group-starts-using-new-mac-os-x-backdoor-program.html#tk.rss_all] . Using a neat trick [https://jacobsalmela.com/roll-your-own-malware-detection/], you can get alerted if your computer gets infected. This

Using Ubuntu MRT to Fix Malware on a Windows Machine: *Nix Saves Windows

A family member brought me their malware-infested machine. It was the worst infection I had seen in a while. First off, this device had some annoying malware, including: * Conduit Search [http://malwaretips.com/blogs/remove-conduit-search-virus/] * Delta Toolbar [http://malwaretips.com/blogs/delta-toolbar-virus/] * Image Editor Packages * Update for Image Editor * Driver

OS X: Roll-your-own Malware Detection

OS X: Roll-your-own Malware Detection

[UPDATE 2014-10-20]: This tricks seems to cause high CPU usage in Yosemite, try using launchd instead [https://jacobsalmela.com/folder-actions-yosemite-broken-use-launchd-instead/]. [UPDATE 2014-10-02]: defend yourself from becoming a zombie [https://jacobsalmela.com/roll-defense-mac-backdoor-iworm/] courtesy of Mac.BackDoor.iWorm [UPDATE]: Use this trick to fend off the new malware XLSCmd [https://jacobsalmela.