Malware affecting Macs running older versions of OS X

Discussion
dante01

dante01

Distinguished Member
The new malware, known as GetShell.A, requires you to approve the installation of a Java applet. OS X warns you that the applet is from a root certificate that "is not trusted." If you still decide to go ahead and install this applet, your device will be infected.

The malware is multi-platform. Once you allow the applet to be installed, it downloads platform-specific code for OS X, Linux, and Windows to attempt opening a backdoor on your machine. The OS X code won't run without Rosetta on an Intel-based platform as it is a PowerPC binary. That means that any Mac without Rosetta such as any Mac running Lion or Mountain Lion is immune to the malware.

Java-based Web attack installs backdoors on Windows, Linux, Mac computers - Computerworld
 
dc8900

dc8900

Distinguished Member
dante01 said:
That means that any Mac without Rosetta such as any Mac running Lion or Mountain Lion is immune to the malware.
Click to expand...

As well as Snow Leopard machines unless the user decided to override the default and manually install Rosetta via the installer
 
Last edited:
dante01

dante01

Distinguished Member
dc8900 said:
As well as Snow Leopard machines unless the user decided to override the default and manually install Rosetta via the installer
Click to expand...

As I said, that means that any Mac without Rosetta such as any Mac running Lion or Mountain Lion is immune to the malware. You are not given the option to install or use Rosetta with either Lion or Mountain Lion so Snow Leopard is not immune because you can run Rosetta and dual binaries from it.

Maybe I should also mention that OS 9 is also immune? LOL
 
Last edited:
dc8900

dc8900

Distinguished Member
:rolleyes:

I was simply pointing out, should a SL user panic, that they need not worry as unless they specifically chose to install Rosetta they would be fine as it was not installed by default on 10.6.8

There is absolutely no need to be so facetious
 
B

Bl4ckGryph0n

Member
Anyone in their right mind should provide system access to an untrusted or unsigned java app. As such all of them at immune except for the operators ;)
 
You must log in or register to reply here.
Discussion

The latest video from AVForums

Podcast: Philips TV Launch Event, Soundbar vs AVR, Samsung EzCAL and more...
Subscribe to our YouTube channel.
Join the AVForums team live on Wednesdays at 7pm UK time.
Top Bottom