Path: csiph.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail From: David Newsgroups: uk.comp.sys.mac,alt.computer.workshop Subject: Re: So ...... is this real, or imagined? Date: Wed, 26 Feb 2025 13:57:43 +0000 Lines: 66 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Trace: individual.net Ez9Qq58iRhVq6mCqKvHztgzzw4us0Hh6EHPCI2x0r6H3RCaglo Cancel-Lock: sha1:FP54ulmmGpOOkC0+I2yNRcemhrY= sha256:KTL97mKRwOE333IavEpkRM7RRtBiA7s1ZRN1ric6sU8= User-Agent: Mozilla Thunderbird Content-Language: en-GB In-Reply-To: Xref: csiph.com uk.comp.sys.mac:180495 On 26/02/2025 13:04, FromTheRafters wrote: > David pretended : >> On 26/02/2025 09:52, FromTheRafters wrote: >>> David explained : >>>> On 17/02/2025 01:26, Gremlin wrote: >>>>> David news:m1dso8F1e0qU1@mid.individual.net Sun, >>>>> 16 Feb >>>>> 2025 10:25:12 GMT in alt.computer.workshop, wrote: >>>>> >>>>>> This is a screenshot:- >>>>>> >>>>>> https://i.ibb.co/HLgy7hNf/Screenshot-2025-02-11-at-10-07-47.png >>>>>> >>>>>> I've erased my hard drive, just in case! >>>>> >>>>> Based on the content of your screenshot, you more than slightly >>>>> over reacted. >>>>> It posed no real threat to you, and wiping your machine wasn't >>>>> necessary. >>>>> Trojans are not viruses or worms. They do not self replicate. >>>> >>>> Will you explain, please, *WHY* that Trojan posed no threat? >>>> >>>> This is what ChatGPT says about it:- >>>> >>>> **Trojan.OSX.RustAgent** is a type of macOS malware written in the >>>> Rust programming language. Rust is popular among malware developers >>>> because it’s cross-platform, fast, and harder to reverse-engineer >>>> than some older languages. >>>> >>>> The **RustAgent** Trojan usually works by: >>>> - **Gaining unauthorized access** to a macOS system. >>>> - **Downloading and executing payloads** — additional malicious >>>> software. >>>> - **Collecting sensitive data** such as passwords or browser >>>> information. >>>> - **Communicating with a command-and-control (C2) server** to >>>> receive further instructions from attackers. >>>> >>>> **How does it spread?** >>>> - Fake app installers or cracked software. >>>> - Phishing emails with malicious attachments. >>>> - Drive-by downloads from compromised websites. >>>> >>>> **How to check for it:** >>>> 1. Run a reputable antivirus/malware scanner for macOS. >>>> 2. Monitor your **Activity Monitor** for suspicious processes. >>>> 3. Check **~/Library/LaunchAgents** and **/Library/LaunchDaemons** >>>> for strange files. >>>> >>>> = >>>> >>>> Perhaps you are not as clued-up on Macs as you think you are, Dustin! >>> >>> The OS makes no difference here, you have a landmine which hasn't >>> even been stepped on yet. Delete such a trojan and you're done. >> >> My point is that without an anti-malware software programme to catch >> it, you'd never know that it was there - hiding! > > It is best not to execute or even open email like this. Understood. But people *DO* open such email - and have no idea that Apple is NOT protecting them! Do, please, take a look at a post I've made on ucsm.