Path: csiph.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail From: David Newsgroups: uk.comp.sys.mac,alt.computer.workshop Subject: Re: So ...... is this real, or imagined? Date: Wed, 26 Feb 2025 12:46:52 +0000 Lines: 56 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Trace: individual.net bxGM/+CZBhUMHu5W6SRdUQU7JWgQ+rNWP7eNCrMXAdu3FrP42E Cancel-Lock: sha1:Wbx/oJkKHsWAZ2JrQHvTr1xFtp4= sha256:J11ndcLMTv4YGaH3fRV5UDp+XzkPN0GvcipfZGI9bQA= User-Agent: Mozilla Thunderbird Content-Language: en-GB In-Reply-To: Xref: csiph.com uk.comp.sys.mac:180493 On 26/02/2025 09:52, FromTheRafters wrote: > David explained : >> On 17/02/2025 01:26, Gremlin wrote: >>> David news:m1dso8F1e0qU1@mid.individual.net Sun, >>> 16 Feb >>> 2025 10:25:12 GMT in alt.computer.workshop, wrote: >>> >>>> This is a screenshot:- >>>> >>>> https://i.ibb.co/HLgy7hNf/Screenshot-2025-02-11-at-10-07-47.png >>>> >>>> I've erased my hard drive, just in case! >>> >>> Based on the content of your screenshot, you more than slightly over >>> reacted. >>> It posed no real threat to you, and wiping your machine wasn't >>> necessary. >>> Trojans are not viruses or worms. They do not self replicate. >> >> Will you explain, please, *WHY* that Trojan posed no threat? >> >> This is what ChatGPT says about it:- >> >> **Trojan.OSX.RustAgent** is a type of macOS malware written in the >> Rust programming language. Rust is popular among malware developers >> because it’s cross-platform, fast, and harder to reverse-engineer than >> some older languages. >> >> The **RustAgent** Trojan usually works by: >> - **Gaining unauthorized access** to a macOS system. >> - **Downloading and executing payloads** — additional malicious software. >> - **Collecting sensitive data** such as passwords or browser information. >> - **Communicating with a command-and-control (C2) server** to receive >> further instructions from attackers. >> >> **How does it spread?** >> - Fake app installers or cracked software. >> - Phishing emails with malicious attachments. >> - Drive-by downloads from compromised websites. >> >> **How to check for it:** >> 1. Run a reputable antivirus/malware scanner for macOS. >> 2. Monitor your **Activity Monitor** for suspicious processes. >> 3. Check **~/Library/LaunchAgents** and **/Library/LaunchDaemons** for >> strange files. >> >> = >> >> Perhaps you are not as clued-up on Macs as you think you are, Dustin! > > The OS makes no difference here, you have a landmine which hasn't even > been stepped on yet. Delete such a trojan and you're done. My point is that without an anti-malware software programme to catch it, you'd never know that it was there - hiding!