Path: csiph.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail From: David Newsgroups: alt.computer.workshop,uk.comp.sys.mac Subject: Re: So ...... is this real, or imagined? Date: Wed, 26 Feb 2025 16:42:37 +0000 Lines: 65 Message-ID: References: <67bf3c89$13$2755$882e4bbb@reader.netnews.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Trace: individual.net LepZfsNrZmmayy7aQbUKFgbbW2YLmyZz54be4BynUsokqBlRNX Cancel-Lock: sha1:zyQea+9xNZvK4Uq0FHjKj5nfffc= sha256:GAAXTFWzaKPAmgbVFt+lG4JKkHjftXYk0qWF3wmQT5c= User-Agent: Mozilla Thunderbird Content-Language: en-GB In-Reply-To: <67bf3c89$13$2755$882e4bbb@reader.netnews.com> Xref: csiph.com uk.comp.sys.mac:180507 On 26/02/2025 16:08, Brock McNuggets wrote: > On Feb 26, 2025 at 1:45:12 AM MST, "David" wrote > : > >> On 17/02/2025 01:26, Gremlin wrote: >>> David news:m1dso8F1e0qU1@mid.individual.net Sun, 16 Feb >>> 2025 10:25:12 GMT in alt.computer.workshop, wrote: >>> >>>> This is a screenshot:- >>>> >>>> https://i.ibb.co/HLgy7hNf/Screenshot-2025-02-11-at-10-07-47.png >>>> >>>> I've erased my hard drive, just in case! >>> >>> Based on the content of your screenshot, you more than slightly over reacted. >>> It posed no real threat to you, and wiping your machine wasn't necessary. >>> Trojans are not viruses or worms. They do not self replicate. >> >> Will you explain, please, *WHY* that Trojan posed no threat? >> >> This is what ChatGPT says about it:- >> >> **Trojan.OSX.RustAgent** is a type of macOS malware written in the Rust >> programming language. Rust is popular among malware developers because >> it’s cross-platform, fast, and harder to reverse-engineer than some >> older languages. >> >> The **RustAgent** Trojan usually works by: >> - **Gaining unauthorized access** to a macOS system. >> - **Downloading and executing payloads** — additional malicious software. >> - **Collecting sensitive data** such as passwords or browser information. >> - **Communicating with a command-and-control (C2) server** to receive >> further instructions from attackers. >> >> **How does it spread?** >> - Fake app installers or cracked software. >> - Phishing emails with malicious attachments. >> - Drive-by downloads from compromised websites. >> >> **How to check for it:** >> 1. Run a reputable antivirus/malware scanner for macOS. >> 2. Monitor your **Activity Monitor** for suspicious processes. >> 3. Check **~/Library/LaunchAgents** and **/Library/LaunchDaemons** for >> strange files. >> >> = >> >> Perhaps you are not as clued-up on Macs as you think you are, Dustin! > > It only is a threat if you run it... Understood! > though you said you might have. NOT > shaming you for that -- this is how such malware is designed: to trick people > into running it and even giving it permissions. Would *Apple* have noticed if I /had/ run it? Would it have been removed by Apple in an 'Update'? -- I appreciate that you cannot know the answers! David