New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus • Advice and insight from world-class Apple enthusiasts • Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
Schweb's Lounge Forum for general conversation, chit chat, or most topics that don't fit in another forum.

Got Crypto Locker/Ransomware on your Mac?


Post Reply New Thread Subscribe

 
Thread Tools
iggibar

 
iggibar's Avatar
 
Member Since: Apr 20, 2009
Location: C-Town
Posts: 4,063
iggibar is a splendid one to beholdiggibar is a splendid one to beholdiggibar is a splendid one to beholdiggibar is a splendid one to beholdiggibar is a splendid one to beholdiggibar is a splendid one to beholdiggibar is a splendid one to beholdiggibar is a splendid one to behold
Mac Specs: Mac Pro 4.1 15" MBP. 13" MBP. 17" PB. Power Mac G5. Galaxy Note 3

iggibar is offline
I was simply looking for answers/questions to common healthcare interview questions. This one page took a bit to load, when a white page came up with a red field behind it. I had already done a lot of research on these type of viruses and had one friend who had it on his Windows machine, but never thought about it on the Mac. It was not possible to help him with most of his files, but the virus was removed.

My ransomware page had an FBI logo on the left corner, a field with my location and IP address, and a statements about copyright and related rights, and illegal access from something. You can try quitting out of Safari, but a popup will block you from doing so. Forcing Safari to quit, or shutting your computer down manually, are two ways to close out of it.

To get this virus popup while doing such a simple search kind of worries me...I wasn't really thinking about viruses when looking for interview questions.

Getting a little freaked out, the first thing I did was unplug the ethernet from my Mac Pro, and disconnected the power cable(without worrying about turning it off properly), both at about the same time. Haven't really practiced this stuff, so I was just going on instinct I guess.
Then, I ran downstairs to unplug the network stuff. These ransomware viruses can actually travel from one device onto another if they share the same network.
I went back upstairs and took out 3 HDDs(BootCamp, TimeMachine, and Data files) and left in only the OS ssd.
Held the power button on for 15 seconds just for fun.
Turned the MP back on with the ethernet unplugged and network still off(just in case the wifi was on).
When you open up Safari, it might want to automatically take you back to the last website visited, which should be the ransomware's site, and since you have no network connection, it can't force popups on you. From here, you have to reset Safari. Might as well do everything just to be safe, is my motto.
Note: All this can be done with the computer connected to the internet, but doing it with no connection does not allow any interaction between the site and other devices you might have.

According to some further research, these viruses do not yet have any true sticking abilities on the Mac, thankfully. It can't embed itself and encrypt files the way it can on Windows machines. What it does pray on is that people will get freaked when they can't quit out of Safari, and see that it keeps going back to that sight, enough that they will pay the ransom....when in reality, it's the lazy virus attempt on a Mac. It's no joke on a Windows machine, though.

Now I have something fun to tell during the interview. Wish me luck!

“If you are distressed by anything external, the pain is not due to the thing itself but to your own estimate of it; and this you have the power to revoke at any moment.” Marcus Aurelius
QUOTE Thanks
vansmith

 
vansmith's Avatar
 
Member Since: Oct 19, 2008
Location: Toronto
Posts: 17,687
vansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond repute
Mac Specs: 2012 13" MBP (2.5 i5, 8GB)

vansmith is offline
This might be an interesting read if you want to learn about something that's truly scary. What's worth noting here about this one - OS X succumbed to this one just as badly as others. In fact, it even rooted itself in an OpenBSD install and if it can do it there, well, it's safe to say that this malware is pretty pernicious (for those that don't know, OpenBSD's primary focus in security and it has a reputation for being one of the most secure operating systems in use).

Important Links: Community Guidelines : Use the reputation system if you've been helped.
M-F Blog :: Write for the blog
Personal Twitter
QUOTE Thanks

Post Reply New Thread Subscribe


« New Mac Pro Color.. Possible Mouse and Keyboard recolor? | The little dot? »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
Five ways Apple can improve the Mac App Store OneMoreThing... Apple Rumors and Reports 0 07-16-2011 08:42 PM
Is Apple ready to play cat and mouse with malware developers? OneMoreThing... Apple Rumors and Reports 3 06-04-2011 10:10 PM

All times are GMT -4. The time now is 01:59 AM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?