wlaidlaw Posted April 1, 2009 Share #1 Posted April 1, 2009 Advertisement (gone after registration) If you receive a plausible sounding email from someone called Keven Kou, do not under any circumstances open it. My wife did in error on her iMac, as his name is similar to someone, who sits on a committee with her. It will install a trojan down at system level and a hidden series of re-written messages in your Entourage database. It contaminates addresses both on the Mac and Entourage address books, all of which will convert your Mac to a Botnet. I had been having trouble with my Internet connection anyway (it turned out a neighbour was using an illegal Ethernet via powerlines re-broadcaster, which was generating noise on the copper phone lines within a half mile radius). After this was fixed, my speed, particularly on uploads was still terrible and my ping latency was around 800+ ms. I called my ISP, and they confirmed that there was a lot of traffic on my line, even when nobody was accessing the Internet. It has been a major job to get rid of this monster. I have had to use DARPA BotHunter (BotHunter Software Distribution Page), which as it is a UNIX program, has to be installed and run from Terminal. You need to have X-code installed first. The only GUI part of the program is the EULA - not fun! Finally you have to do a manual search for all references to Keven Kou and delete them, plus any contaminated files and clear all user, system and program caches (Onyx is the easiest program to use for this and it is free from Titanium Software) . We then had to check all the other Macs on our internal network very carefully, to see if they had cross infected (they hadn't). All in all, a job of many hours for the whole process and we have had to send warnings to everyone on my wife's address book to check for onwards infection, which luckily does not seem to have happened. I have passed all this on to Apple, Microsoft, Intego and Secure Mac (Virus Barrier X5 did not catch this nor did MacScan, both of which were installed on my wife's iMac and were running in the background at the time of infection). You have all been warned. Wilson Link to post Share on other sites More sharing options...
Advertisement Posted April 1, 2009 Posted April 1, 2009 Hi wlaidlaw, Take a look here Warning to Mac users - this is NOT an April Fool's Joke. I'm sure you'll find what you were looking for!
Recommended Posts
Archived
This topic is now archived and is closed to further replies.