Path: csiph.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail From: David Newsgroups: uk.comp.sys.mac,alt.computer.workshop Subject: Re: So ...... is this real, or imagined? Date: Wed, 26 Feb 2025 15:05:19 +0000 Lines: 80 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Trace: individual.net i81kNuAuFdvIwy7Oxsp9bAUR1WOAW/w9ZKhCj4qzvRO4PhZT0H Cancel-Lock: sha1:Irkjk7IlDux1XwZ/EdB4dLl+zEg= sha256:dyMCUuwQQZx7wcjVBD5ymTTAFunXW8Ylw7CLJuMcWJw= User-Agent: Mozilla Thunderbird Content-Language: en-GB In-Reply-To: Xref: csiph.com uk.comp.sys.mac:180503 On 26/02/2025 14:47, FromTheRafters wrote: > on 2/26/2025, David supposed : >> On 26/02/2025 13:04, FromTheRafters wrote: >>> David pretended : >>>> On 26/02/2025 09:52, FromTheRafters wrote: >>>>> David explained : >>>>>> On 17/02/2025 01:26, Gremlin wrote: >>>>>>> David news:m1dso8F1e0qU1@mid.individual.net >>>>>>> Sun, 16 Feb >>>>>>> 2025 10:25:12 GMT in alt.computer.workshop, wrote: >>>>>>> >>>>>>>> This is a screenshot:- >>>>>>>> >>>>>>>> https://i.ibb.co/HLgy7hNf/Screenshot-2025-02-11-at-10-07-47.png >>>>>>>> >>>>>>>> I've erased my hard drive, just in case! >>>>>>> >>>>>>> Based on the content of your screenshot, you more than slightly >>>>>>> over reacted. >>>>>>> It posed no real threat to you, and wiping your machine wasn't >>>>>>> necessary. >>>>>>> Trojans are not viruses or worms. They do not self replicate. >>>>>> >>>>>> Will you explain, please, *WHY* that Trojan posed no threat? >>>>>> >>>>>> This is what ChatGPT says about it:- >>>>>> >>>>>> **Trojan.OSX.RustAgent** is a type of macOS malware written in the >>>>>> Rust programming language. Rust is popular among malware >>>>>> developers because it’s cross-platform, fast, and harder to >>>>>> reverse-engineer than some older languages. >>>>>> >>>>>> The **RustAgent** Trojan usually works by: >>>>>> - **Gaining unauthorized access** to a macOS system. >>>>>> - **Downloading and executing payloads** — additional malicious >>>>>> software. >>>>>> - **Collecting sensitive data** such as passwords or browser >>>>>> information. >>>>>> - **Communicating with a command-and-control (C2) server** to >>>>>> receive further instructions from attackers. >>>>>> >>>>>> **How does it spread?** >>>>>> - Fake app installers or cracked software. >>>>>> - Phishing emails with malicious attachments. >>>>>> - Drive-by downloads from compromised websites. >>>>>> >>>>>> **How to check for it:** >>>>>> 1. Run a reputable antivirus/malware scanner for macOS. >>>>>> 2. Monitor your **Activity Monitor** for suspicious processes. >>>>>> 3. Check **~/Library/LaunchAgents** and **/Library/LaunchDaemons** >>>>>> for strange files. >>>>>> >>>>>> = >>>>>> >>>>>> Perhaps you are not as clued-up on Macs as you think you are, Dustin! >>>>> >>>>> The OS makes no difference here, you have a landmine which hasn't >>>>> even been stepped on yet. Delete such a trojan and you're done. >>>> >>>> My point is that without an anti-malware software programme to catch >>>> it, you'd never know that it was there - hiding! >>> >>> It is best not to execute or even open email like this. >> >> Understood. But people *DO* open such email - and have no idea that >> Apple is NOT protecting them! > > How do you know that Apple is not protecting them from its execution? Ah! I do NOT know, of course! >> Do, please, take a look at a post I've made on ucsm. > > What is ucsm? That's unlike you, Master! ;-) -- David