General Category > General Computing/Macintosh

DNS changing Malware affects Mac users

(1/1)

xairbusdriver:

--- Quote from: TidBITS --- OSX/MaMi hijacks macOSís DNS settings to intercept traffic by routing it through malicious servers...But unless you did something to bypass macOSís Gatekeeper security, you likely have nothing to worry about since the malwareís executable isnít signed by Apple.
--- End quote ---

--- Quote from: Hacker News ---Patrick [Wardle] believes that the attackers could be using lame methods like malicious emails, web-based fake security alerts/popups, or social-engineering type attacks to target Mac users.
--- End quote ---
Open System Prefs->Network. Click "Advanced" and then the "DNS" tab. Look for:82.163.143.135
82.163.142.137If you find those IP addresses, you have been infected by the malware. Currently no fix, but you can at least delete those two addresses.Hacker News
I failed to mention the need to check all your internet access methods: WiFi, Ethernet, etc. WiFi usually has the modem address, 10.0.0.xxx.

elagache:
Dear X-Air and WeatherCat sys-admins,

Thanks for the head's up.  Indeed most of us are safe from this malware, and sure enough, I double-checked our home network and all is safe and sound.

Cheers, Edouard

Navigation

[0] Message Index

Go to full version