Malcontents are sneaky. In their latest ploy, they are counting on you misspelling “.com” so they can send you to one of their fake domains. So instead of going to netflix.com, you end up at netflix.om–a phony site determined to infect you with malware. If you are not paying attention, you might not realize you are on the wrong domain. Continue reading “Automatically Change .om to .com To Prevent Malware”
Tag: malware
Prevent Ransomware By Automatically Finding The Checksum Of Downloaded Files
Apple has already shut down the ransomware found in the Transmission torrent client. You can easily prevent this from happening to you in the future by adding a Hazel rule to your downloads folder, which will automatically determine the checksum, so you can compare it with the one the legitimate file has. Continue reading “Prevent Ransomware By Automatically Finding The Checksum Of Downloaded Files”
Detecting Wirelurker Malware
[UPDATE] It appears the command and control infrastructure has been neutralized.
Palo Alto has already written a script that will detect the Wirelurker malware. It basically scans for the files known to be malicious. Just download the script and run it from Terminal:
curl -O https://raw.githubusercontent.com/PaloAltoNetworks-BD/WireLurkerDetector/master/WireLurkerDetectorOSX.py</code> python WireLurkerDetectorOSX.py
Roll-you-own Ventir Trojan Detector for OS X
Get Alerted If Your Computer Gets Infected With The Ventir Trojan
With this trick, you can get alerted if your system gets infected and then take steps to manually neutralize it. The Ventir Trojan is a keylogger, which means all of your keystrokes are recorded. Continue reading “Roll-you-own Ventir Trojan Detector for OS X”
Roll-your-own Defense Against Mac.BackDoor.iWorm
[UPDATE]: Advanced settings added below
Get Alerted If Your Computer Gets Infected
When the Mac.BackDoor.iWorm malware gets installed via pirated software, your computer and becomes part of a botnet. While you may not be able to stop it from getting there, you can be alerted when it does and then take steps to manually neutralize it. Continue reading “Roll-your-own Defense Against Mac.BackDoor.iWorm”
Roll-your-own Protection From A New Malware Called XSLCmd
A nasty piece of malware on OS X is XSLCmd. Using a neat trick, you can get alerted if your computer gets infected. This malware can open a reverse shell, list and transfer files, and install additional malware. Definitely not something you want. The problem with some malware–especially zero-day attacks–is that your anti-virus program might not detect it. But using this trick you can at least know something got installed to your Mac that shouldn’t be there. Continue reading “Roll-your-own Protection From A New Malware Called XSLCmd”
Using Ubuntu MRT to Fix Malware on a Windows Machine: *Nix Saves Windows
A family member brought me their malware-infested machine. It was the worst infection I had seen in a while. First off, this device had some annoying malware, including: Continue reading “Using Ubuntu MRT to Fix Malware on a Windows Machine: *Nix Saves Windows”
OS X: Roll-your-own Malware Detection
[UPDATE 2014-10-20]: This tricks seems to cause high CPU usage in Yosemite, try using launchd instead.
[UPDATE 2014-10-02]: defend yourself from becoming a zombie courtesy of Mac.BackDoor.iWorm
[UPDATE]: Use this trick to fend off the new malware XLSCmd
Macs are not immune to malware. Authors of malicious software often try to get a LaunchDaemon or LaunchAgent installed onto your computer in one or more of the following locations: Continue reading “OS X: Roll-your-own Malware Detection”