I have been trying to figure out a problem with my mail program. I am beginning to think that I have some zombie code on my system. The problem has been ongoing for more than a year and I am a former technical/software support for mac compatible peripherals. I need to emphasize that this is not a simple configuration issue or a setting I neglected - although the situation may be too advanced for me to deal with at this point.
There appears to be some ghost operation on my computer. I have several email accounts which have web based counterparts that I do not use. I send, compose and store my mail using Mac Mail Version 4.6 (1085). However I notice that when the activity monitor comes up there is sometimes "sending" activity bar when downloading my new email.
Please note that these are NOT emails I have saved to send later or bounced email receipts from parties that may have been spammed by someone using my address. They are actual email messages originating from my computer - NOT my email account but this physical computer. The messages are not located in any folders within the webmail applications when I check my email online and the occurrences are intermittent. Sometimes there is a copy of the email that was sent and sometimes there is no copy in the sent folder or in the trash. The only indication to the problem is that the sending activity bar appears and sometimes the outbox also appears until the sending has finished. When I try and open the outbox there are no messages listed even though there is activity.
I have also noticed that the keychain will unlock periodically even when I have not given permission for it to do so. I have set the keychain to notify me and require a password anytime something on the computer asks for access it. I noticed some entries in the keychain I did not create, which do not appear to be system entries. When I tried to delete them I was given a permissions error even though I used the root user. To combat this I deleted the original keychain and created another one but the problem still occurs. I believe these occurrences are related and it is possible that the malicious code occurs during startup. I notice that the toolbar icon for the keychain is generally unlocked on startup and my virus scanner is sometimes disabled - even though it is set to start with the computer - and I have to manually activate it.
I am curious to know if anyone else has heard or seen anything like this and/or if anyone knows what it is. I personally believe my computer is some kind of zombie and has some sort of code which activates on startup. The virus scanner never detects anything. I think it is a vulnerability that Apple may know about or that is sophisticated enough to have avoided detection because people blame user error. There are a few other posts I have randomly found online with something similar mentioned but most responses say the problem can be explained by someone using your email address for spamming purposes. This is not actually the case though.
Of course the solution may require I wipe my system - but until I know how and what happened that seems like putting a band-aid on a broken leg. If this code is from a website or application I unwittingly installed then setting up my system again may recreate the problem immediately after I reinstall the system. I know Mac everyone says there are no real Mac viruses but I know that is a clever PR maneuver to give the illusion of safety. Everything has a vulnerability. Unix has been around a long time and serious hackers have not overlooked it.
I would love opinions on this issue if anyone has any input. If there are any developers, hackers or code analytics out there reading I'd love to discuss the situation and get your opinions.
There appears to be some ghost operation on my computer. I have several email accounts which have web based counterparts that I do not use. I send, compose and store my mail using Mac Mail Version 4.6 (1085). However I notice that when the activity monitor comes up there is sometimes "sending" activity bar when downloading my new email.
Please note that these are NOT emails I have saved to send later or bounced email receipts from parties that may have been spammed by someone using my address. They are actual email messages originating from my computer - NOT my email account but this physical computer. The messages are not located in any folders within the webmail applications when I check my email online and the occurrences are intermittent. Sometimes there is a copy of the email that was sent and sometimes there is no copy in the sent folder or in the trash. The only indication to the problem is that the sending activity bar appears and sometimes the outbox also appears until the sending has finished. When I try and open the outbox there are no messages listed even though there is activity.
I have also noticed that the keychain will unlock periodically even when I have not given permission for it to do so. I have set the keychain to notify me and require a password anytime something on the computer asks for access it. I noticed some entries in the keychain I did not create, which do not appear to be system entries. When I tried to delete them I was given a permissions error even though I used the root user. To combat this I deleted the original keychain and created another one but the problem still occurs. I believe these occurrences are related and it is possible that the malicious code occurs during startup. I notice that the toolbar icon for the keychain is generally unlocked on startup and my virus scanner is sometimes disabled - even though it is set to start with the computer - and I have to manually activate it.
I am curious to know if anyone else has heard or seen anything like this and/or if anyone knows what it is. I personally believe my computer is some kind of zombie and has some sort of code which activates on startup. The virus scanner never detects anything. I think it is a vulnerability that Apple may know about or that is sophisticated enough to have avoided detection because people blame user error. There are a few other posts I have randomly found online with something similar mentioned but most responses say the problem can be explained by someone using your email address for spamming purposes. This is not actually the case though.
Of course the solution may require I wipe my system - but until I know how and what happened that seems like putting a band-aid on a broken leg. If this code is from a website or application I unwittingly installed then setting up my system again may recreate the problem immediately after I reinstall the system. I know Mac everyone says there are no real Mac viruses but I know that is a clever PR maneuver to give the illusion of safety. Everything has a vulnerability. Unix has been around a long time and serious hackers have not overlooked it.
I would love opinions on this issue if anyone has any input. If there are any developers, hackers or code analytics out there reading I'd love to discuss the situation and get your opinions.
