How to detect blackshades Trojan horse

Similar Messages

• How do I remove Trojan horse OSX/FakeAlert.B codecm_uploader from my macbook?

  How do I remove Trojan horse OSX/FakeAlert.B codecm_uploader from my macbook? My AVG AntiVirus keep putting up a pop up window to say that it's blocked the threat from spreading and I've to consider deleting the infected file. When I search for the file, I can't find it.  It pops up literally every 30secs!

  First, you need to get rid of AVG. It may have alerted you to this, but in general it's not much good on the Mac.
  Second, that indicates that you are infected with the FkCodec, aka Codec-M, adware. See my Adware Removal Guide for instructions on removing it. Be aware that AVG might interfere with your attempts to remove it, thinking that it is protecting you.
  (Fair disclosure: The Safe Mac is my site, and contains a Donate button, so I may receive compensation for providing links to The Safe Mac. Donations are not required.)

• Firefox setup detected as trojan horse Dropper.Generic8.BMWS by AVG when moving to folder

  I was cleaning up my desktop by moving my unused files to organized folders, example being OriginalGameName being dragged into Games; and I happened to have an AVG virus scan running in the backround at the same time. I created a folder named installers, and dragged in Firefox_Setup.exe first. AVG immediately launched a warning window, saying it was a trojan and giving me an option to remove it.
  Of course, why would the installer of my favourite internet browser include a Trojan Horse? I mean, my Firefox browser works fine and I also just so happen to be posting this on Firefox.
  I was instantly suspicious, and opened up SpyBot Search & Destroy and scanned. No results, so the AVG window seemed to be safe. I clicked the option on the AVG window to remove the alleged Trojan Horse, then scanned again with SpyBot to make sure that it wasn't the type of fake AVG warning window's that installs a trojan after an option is chosen.
  So yes, I'm sure that I haven't gotten a fake AVG warning. And yes, I downloaded the installer from the site.
  I am also rather paranoid about virus's, and I have two different antivirus's that I scan with every time I visit a unfamiliar website or download anything and I am generally wary when browsing the internet.
  I know I've given a large amount of information, but I'm trying to save you from having to ask a million questions about the information I left out. I know there's a post similar to this, but I feel that the other post didn't include enough information leading to unsatisfactory answers. Info dump over.

  Yes, you should first immediately update your Firefox to 23. That's crucial.
  This sounds like you got a virus hit on an old installer you had sitting around? If you downloaded this installer from a mozilla.org server, then this is a false positive. They happen from time to time, various anti-viruses will occasionally flag a Firefox file as a virus when it isn't really. Normally it clears up quickly. You can just delete that old installer, update Firefox, and be good to go.

• How to detect infected trojan

  How can I determine if my Mac has been infected with this Flashback trojan?

  You may find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Security and Privacy, useful:
  https://discussions.apple.com/docs/DOC-2435
  The User Tip (which you are welcome to print out and retain for future reference) seeks to offer some guidance on the main security threats and how to avoid them.
  Bear in mind that from April to December 2011 there were only 58 attempted security threats to the Mac - a mere fraction compared to Windows malware:
  http://www.f-secure.com/weblog/archives/00002300.html
  (I have ClamXav set to scan incoming emails, but nothing else.)
  To which I will add (about the Flashback Trojan):
  You should be able to prevent infection by disabling Java (not Javascript) and also turning off 'Open safe files after downloading' in Safari Preferences/General.
  Flashback Trojan - Detection, and how to remove (with caution):
  http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml

• How can I remove Trojan Horse?

  Hi,
  Hello there..good day! I just want to ask if how to remove a virus which is trojan virus..because it is infecting my computer and now all my files are all hidden..and I can't unhide them..I am using command prompt to access my files..I am using Eset NOD32
  Anti Virus..but still the virus is existing!..hope you guys can help me with this problem!,..
  Hoping,
  Jenny
  T shirt

  I would ask this in the AVG Forums:
  http://forums.avg.com/us-en/avg-free-forum
  or Windows server forums:
  http://social.technet.microsoft.com/Forums/en/category/windowsserver
  Please follow the steps below:
  1.
  Reboot your machine.
  2.
  At the start-up screen, please press F8 and select the Safe Mode.
  3. After
  you enter the system, select the anti-virus software to scan all disks.
  4. At
  the start-up run, please input Msconfig and disable the suspicious startup items.
  5. How to display the hide items in system:
   Driver C>Folder options>view>show hidden files,folders,and drives>uncheck the Hide protected operating system files>
  6.After the scan finishes, please reboot the system the try it
  again.
  Your expertise never fails to impress :)

• Trojan Horse!

  Every day for the past three days I have received on average 200 messages in "Mail" addressed to another gMail user. On each occasion there is a different users name. I have contacted these people and they have no idea what is going on. I posted a help message on the gMail discussion group and included some headers.
  It appears that something is strange with the headers and Google have been asked to investigate. It has also been suggested that a Trojan Horse could be responsible and I should do some kind of virus check. I have just run ClamXav which detected nothing.
  Can someone confirm if ClamXav would detect a Trojan Horse or is there something more suitable available?
  Is anyone else having a similar problem, as I have noticed that, including myself and the other three gMail users, all of us use Mac.
  Any help or suggestions would be greatly appreciated.

  If you allow a Trojan to be installed, the user's DNS records can be modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's (that's you!) DNS records stay modified on a minute-by-minute basis.
  You can read more about how, for example, the OSX/DNSChanger Trojan works here:
  http://www.f-secure.com/v-descs/trojanosxdnschanger.shtml
  SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
  http://macscan.securemac.com/
  The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X and allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.
  (Note that a 30 day trial version of MacScan can be downloaded free of charge from:
  http://macscan.securemac.com/buy/
  and this can perform a complete scan of your entire hard disk. After 30 days free trial the cost is $29.99. The full version permits you to scan selected files and folders only, as well as the entire hard disk. It will detect (and delete if you ask it to) all 'tracker cookies' that switch you to web sites you did not want to go to.)

• What is the risk, and how to detect, Trojan infection with Flashback/Flashfake? (PowerMac G5 OS X 10.5.8)

  What is the risk, and how to detect, Trojan infection with Flashback/Flashfake? (PowerMac G5 OS X 10.5.8)

  Hey Kappy, without even looking I can tell you anything is better than the GeForce4MX cards, but see
  See japamacs page here on the best AGP cards for G4s & G5s...
  http://www.jcsenterprises.com/Japamacs_Page/Blog/4B4B7BA2-7ABB-47F1-87AC-B03D379 42BEE.html
  Rated slowest on top, fastest on bottom, hopefully japamac will drop in shortly.
  Oh, & they need way more RAM...
  http://www.everymac.com/systems/apple/powermac_g4/specs/powermac_g4_933_qs.html
  http://eshop.macsales.com/MyOWC/Upgrades.cfm?sort=pop&model=155&type=Memory

• TS1338 I have 4 Trojan Horse viruses on my external drive I use for Time Machine.  My MacBook Pro hard drive is clean.  I have eased the external drive 3 times using Disk Utility and it still has the 4 Trojan Horse viruses. How do I get rid of them. Wayne

  I have 4 Trojan Horse viruses on my external drive I use for Time Machine.  My MacBook Pro hard drive is clean.  I have eased the external drive 3 times using Disk Utility and it still has the 4 Trojan Horse viruses. How do I get rid of them. I am using 10.8.3  Wayne

  ksu62 wrote:
  The infection names are:  classload.jar-719ef6a5.zip
                                            classload.jar-5db452le31.zip
                                            ar3.jar-6ce3b2f-45l483f.zip
                                            classload.jar-lef99412-63bsd3fl.zip
  Those look alot like file names and not infection names. I don't find any reference to anything like that on Norton or VirusTotal. Since you said these were Trojans, I would expect to see "Trojan" as part of the infection name.
  ".jar" files are executable Java applets. The random alpha-numerics would seem to indicate a cache file, likely from a browser with Java enabled. And we all know what ".zip" means.
  Worst case is that you had Java enabled in a browser and were infected by one of the late variants of the Flashback Trojan over a year ago or one of a couple of other attacks using the same vulnerability but targetted against a small number of political sympathizers. Much more probable is that thes were Windows only Trojans. Hopefully you have a fully up-to-date OS X, including Java, and have disabled Java in all your browsers by now.

• I think I have  some Malware/Trojan Horse on MacBook Pro. How to get rid of it?

  My MacBook Pro has worked perfect for the last 2 years, but over the last 2 days when I am on Chrome it has started clicking onto random websites when I click other links, and showing certain words as underlined and as hotlinks. I think I recognise that from having a PC as Malware or Trojan Horse? What is the best way to remove this as I have read through a few threads on here and they advise not downloading any anti virus software as it slows down your Mac instead of helping.
  <Post Edited By Host>

  You installed the "VSearch" trojan, perhaps under a different name. Remove it as follows.
  Malware is constantly changing to get around the defenses against it. The instructions in this comment are valid as of now, as far as I know. They won't necessarily be valid in the future. Anyone finding this comment a few days or more after it was posted should look for more recent discussions or start a new one.
  Back up all data before proceeding.
  Triple-click anywhere in the line below on this page to select it:
  /Library/LaunchAgents/com.vsearch.agent.plist
  Right-click or control-click the line and select
            Services ▹ Reveal in Finder (or just Reveal)
  from the contextual menu.* A folder should open with an item named "com.vsearch.agent.plist" selected. Drag the selected item to the Trash. You may be prompted for your administrator login password.
  Repeat with each of these lines:
  /Library/LaunchDaemons/com.vsearch.daemon.plist
  /Library/LaunchDaemons/com.vsearch.helper.plist
  /Library/LaunchDaemons/Jack.plist
  Restart the computer and empty the Trash. Then delete the following items in the same way:
  /Library/Application Support/VSearch
  /Library/PrivilegedHelperTools/Jack
  /System/Library/Frameworks/VSearch.framework
  ~/Library/Internet Plug-Ins/ConduitNPAPIPlugin.plugin
  Some of these items may be absent, in which case you'll get a message that the file can't be found. Skip that item and go on to the next one.
  From the Safari menu bar, select
            Safari ▹ Preferences... ▹ Extensions
  Uninstall any extensions you don't know you need, including any that have the word "Spigot," "Trovi," or "Conduit" in the description. If in doubt, uninstall all extensions. Do the equivalent for the Firefox and Chrome browsers, if you use either of those.
  Reset the home page and default search engine in all the browsers, if it was changed.
  This trojan is distributed on illegal websites that traffic in pirated content. If you, or anyone else who uses the computer, visit such sites and follow prompts to install software, you can expect much worse to happen in the future.
  You may be wondering why you didn't get a warning from Gatekeeper about installing software from an unknown developer, as you should have. The reason is that this Internet criminal has a codesigning certificate issued by Apple, which causes Gatekeeper to give the installer a pass. Apple could revoke the certificate, but as of this writing, has not done so, even though it's aware of the problem. This failure of oversight has compromised both Gatekeeper and the Developer ID program. You can't rely on Gatekeeper alone to protect you from harmful software.
  *If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination  command-C. In the Finder, select
            Go ▹ Go to Folder...
  from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return.

• I have received an email from a friend with a link which I clicked. It directed me to the google home page and I am now suspicious that it is a virus  or a Trojan horse. I would know what to do on my PC but am new to Ipad. How can I check?

  I have received an email from a friend with a link which I clicked. It took me to the google home page. I am now suspicious that my friend's email account has been hijacked and the link contained a virus or a Trojan horse. I would know what to do on my PC but am new to the IPad. Can any form of Trojan horse be planted on IOS 6 or am I worrying unnecessarily? Reassurance would be most welcome as I do use the IPad for checking bank details and web purchases. Thanks for any help.

  PC virus won't run on iPad.

• How do i enable the e drive? something has happened to it. this system was full of trojan horses

  My E drive has been disabled by the trojan horse virises. What do I do?

  Thanks for the reply. I was able to save the data on the Macbook Air whose HD got corrupted by using File Sharing (ethernet connecting two Macbook Airs).
  I am also going to make a disk image of the HD using Disk Utility and mount that Disk Image onto an external hard drive. That way I can save the hard drive contents.

• Can't find file for Trojan Horse on my MacBook

  Anyone seen this before?
  I have the Norton Antivirus Program installed on my MacBook.
  I believe an attack occurred while I was looking through the Apple Support Forums for help with a QuickTime problem and accidentally clicked on the following link: http:www.smacktalkpaintball.com/video/
  The Norton Warning came up and I hit the delete option and then set Norton to scan manually.
  The following came up at the end of the scan:
  Virus "bof.jar-51a4bd07-3d4b399d.zip" detected, Today at 7:24 AM. Repair failed.
  /Users/Owner/Li...bd07-3d4b399d.zip Trojan Horse infected
  I was not able to locate either of these files anywhere on my computer.
  I have two external hard drives that I use to back-up data, but neither of them were connected at the time of the attack, and nothing else was connected when I ran the virus scan.
  I do not have Windows installed on this MacBook - Mac OS X, Version 10.5.8,

  Norton was able to detect the Trojan whereas MacScan was not, but Norton was not able to remove it
  That sounds an unlikely outcome on both counts. Norton anti-virus is just that: anti-virus, and I would not trust it to deal with trojans.
  Are you sure you actually installed a Trojan?
  If you allow a Trojan to be installed, the user's DNS records can be modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's (that's you!) DNS records stay modified on a minute-by-minute basis.
  You can read more about how, for example, the OSX/DNSChanger Trojan works here:
  http://www.f-secure.com/v-descs/trojanosxdnschanger.shtml
  SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
  http://macscan.securemac.com/
  The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X and allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.
  (Note that a 30 day trial version of MacScan can be downloaded free of charge from:
  http://macscan.securemac.com/buy/
  and this can perform a complete scan of your entire hard disk. After 30 days free trial the cost is $29.99. The full version permits you to scan selected files and folders only, as well as the entire hard disk. It will detect (and delete if you ask it to) all 'tracker cookies' that switch you to web sites you did not want to go to.)

• SPY script/ Trojan Horse active on my MAC BOOK PRO

  Hello, Since two days I have noticed a small pop up every other minute when I am connected to the internet (which I do wireless) in the left top corner. It is a small window that pops and disappears very fast, impossible to read what it says. Does anyone can help me with this? How do I find out what it is and even more important how can I delete/ remove it

  Just in case we actually are confronted by a Trojan, read this:
  From MacWorld, January 10, 2008:
  SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
  http://www.securemac.com/
  The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X. Called DNSChanger Trojan and also known as OSX.RSPlug.A Trojan Horse the software attacks users attempting to play a fake video file.
  Upon attempting to play the video, the victim receives the following message:
  “Quicktime Player is unable to play movie file.
Please click here to download new version of codec.”
  Upon running the installer, the user's DNS records are modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's DNS records stay modified on a minute-by-minute basis.
  SecureMac's DNSChanger Removal Tool allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.

• Trojan Horse Removal

  I have Norton AntiVirus for Mac which runs a full scan once a month. My recent scan shows 4 trojan horses all with the same name in the Java/Cache/6.0/33 file. Norton is unable to remove, quarantine or fix these. I've Googled the virus and no results show up so I don't know if this is a true Tojan Horse or a problem with Norton detection. I have Apple Care so can take the laptop in to the Apple store but not sure if it's necessary yet. The laptop does connect to a wireless drive at my office that is Windows based. Any ideas are welcome - Thanks.

  OMGosh... I think I may know this one. (I generally don't speak mac or pc). I'm a first time mac user for now three weeks. last weekend, after surfing all day, my PB had some scary box open with "DANGER" blah blah... than lots of horse blah blah..."INFECTED"
  I freaked out and asked my husband and he told me to get off line! and started out to the store with "I told you so" to get some virus soft w.
  Than I remembered that I read something about how Apple is safest and doesn't get virus or something. so I searched for a bit but couldn't get a quick answer on line. so, I grabbed my PB and ran to the nearest Apple store.
  After quick look, apple guys said that it was all a bloody marketing scam to scare people to buy their soft w. He was right, as soon as we rebooted, all was fine. He explained something about why apple isn't open to these sickness like PC...blah, blah... I didn't understand and I was looking at all the pretty apples that I had already planned on switching my entire house with... LOL. My husband would have an attack of some sort.
  So, I hope this is the same case for you. My husband still don't believe or understand why apple isn't open to same thing as PC. To his defense, I have seen soft w. for virus for mac. so..... can someone answer if I need to purchase virus SW like my husband PC?
  AND please to all the SMART apple guys out there, simple yes or no in English would be so appreciate it. Not that I hear "blah blah" when u speak apple, but I just want to understand what II need to know. THANK U APPLE GUYS!! UR AWSOME.

• Trojan Horse Virus

  A little while ago, my macbook was very slow and I went into the Apple store and they recommended that I turn Norton Antivirus off. I did.
  A few months later (now) I ran it just for the heck of it to see if it found anything - and it did. Two or three Trojan Horse malware files. Looking at Nortons descriptions, I think that they were (I located and deleted them) all PC based virus BUT, I am wondering:
  1. I have Microsoft Office for Mac on my Macbook and I am wondering if those files might have been compromised by a PC virus?
  2. I am assuming that if these files have been compromised there is nothing that I can do about retrieving that information as it could be anywhere.
  3. If I have other PC based drives hooked up to my macbook wirelessly - were they vulnerable while I had these Trojan Horses on my Macbook?
  Thanks.
  A.

  Don't always believe what Norton tells you. It is incompatible with OS X.
  Norton Antivirus has a very long and illustrious reputation for mangling Mac OS X systems, sometimes to the point where a complete reinstall is necessary. Among other things, it installs kernel extensions which are known to cause kernel panics and system freezes; it contains known and documented bugs which can silently corrupt Adobe Photoshop and Adobe InDesign files, destroy a user's ability to authenticate as an administrator, and (on PPC systems) can cause Classic to stop functioning; and Symantec has on at least two occasions now released flawed .dat file updates which erroneously report certain critical Mac OS X files as "viruses." (Deleting these "viruses" causes damage to the system that in some cases renders it unbootable.)
  1. No
  2. Need more details about what you call 'compromised'
  3. Yes.
  No viruses that can attack OS X have so far been detected 'in the wild', i.e. in anything other than laboratory conditions.
  It is possible, however, to pass on a Windows virus to another Windows user, for example through an email attachment. To prevent this all you need is the free anti-virus utility ClamXav, which you can download for Tiger and Leopard from (on no account install Norton Anti-Virus on a Mac running OS X):
  http://www.clamxav.com/
  The new version for Snow Leopard is available here:
  http://www.clamxav.com/index.php?page=v2beta
  (Note: ClamAV adds a new user group to your Mac. That makes it a little more difficult to remove than some apps. You’ll find an uninstaller link in ClamXav’s FAQ page online.)
  If you are already using ClamXav: please ensure that you have installed Apple Security Update 2010-005 and that your version of ClamXav is the latest available.
  However, the appearance of Trojans and other malware that can possibly infect a Mac seems to be growing, but is a completely different issue to viruses.
  If you allow a Trojan to be installed, the user's DNS records can be modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's (that's you!) DNS records stay modified on a minute-by-minute basis.
  You can read more about how, for example, the OSX/DNSChanger Trojan works here:
  http://www.f-secure.com/v-descs/trojanosxdnschanger.shtml
  SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
  http://macscan.securemac.com/
  The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X and allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.
  (Note that a 30 day trial version of MacScan can be downloaded free of charge from:
  http://macscan.securemac.com/buy/
  and this can perform a complete scan of your entire hard disk. After 30 days free trial the cost is $29.99. The full version permits you to scan selected files and folders only, as well as the entire hard disk. It will detect (and delete if you ask it to) all 'tracker cookies' that switch you to web sites you did not want to go to.)
  A white paper has recently been published on the subject of Trojans by SubRosaSoft, available here:
  http://www.macforensicslab.com/ProductsAndServices/index.php?mainpage=document_general_info&cPath=11&productsid=174
  Also, beware of MacSweeper:
  MacSweeper is malware that misleads users by exaggerating reports about spyware, adware or viruses on their computer. It is the first known "rogue" application for the Mac OS X operating system. The software was discovered by F-Secure, a Finland based computer security software company on January 17, 2008
  http://en.wikipedia.org/wiki/MacSweeper
  On June 23, 2008 this news reached Mac users:
  http://www.theregister.co.uk/2008/06/23/mac_trojan/
  More on Trojans on the Mac here:
  http://www.technewsworld.com/story/63574.html?welcome=1214487119
  This was published on July 25, 2008:
  Attack code that exploits flaws in the net's addressing system are starting to circulate online, say security experts.
  The code could be a boon to phishing gangs who redirect web users to fake bank sites and steal login details.
  In light of the news net firms are being urged to apply a fix for the loop-hole before attacks by hi-tech criminals become widespread.
  Net security groups say there is anecdotal evidence that small scale attacks are already happening.
  Further details here: http://news.bbc.co.uk/2/hi/technology/7525206.stm
  A further development was the Koobface malware that can be picked up from Facebook (already a notorious site for malware, like many other 'social networking' sites like Twitter etc), as reported here on December 9, 2008:
  http://news.bbc.co.uk/newsbeat/hi/technology/newsid_7773000/7773340.stm
  You can keep up to date, particularly about malware present in some downloadable pirated software, at the Securemac site:
  http://www.securemac.com/
  There may be other ways of guarding against Trojans, viruses and general malware affecting the Mac, and alternatives will probably appear in the future. In the meantime the advice is: be careful where you go on the web and what you download!
  If you think you may have acquired a Trojan, and you know its name, you can also locate it via the Terminal:
  http://theappleblog.com/2009/04/24/mac-botnet-how-to-ensure-you-are-not-part-of- the-problem/
  As to the recent 'Conficker furore' affecting Intel-powered computers, MacWorld recently had this to say:
  http://www.macworld.co.uk/news/index.cfm?email&NewsID=25613
  Although any content that you download has the possibility of containing malicious software, practising a bit of care will generally keep you free from the consequences of anything like the DNSChanger trojan.
  1. Avoid going to suspect and untrusted Web sites, especially p'orn'ography sites.
  2. Check out what you are downloading. Mac OS X asks you for you administrator password to install applications for a reason! Only download media and applications from well-known and trusted Web sites. If you think you may have downloaded suspicious files, read the installer packages and make sure they are legit. If you cannot determine if the program you downloaded is infected, do a quick Internet search and see if any other users reported issues after installing a particular program. A recent example is of malware distributed through innocent looking free screensavers: http://www.zdnet.com/blog/security/malware-watch-free-mac-os-x-screensavers-bund led-with-spyware/6560?tag=nl.e589
  3. Use an antivirus program like ClamXav. If you are in the habit of downloading a lot of media and other files, it may be well worth your while to run those files through an AV application.
  4. Use Mac OS X's built-in Firewalls and other security features.
  5. Stop using LimeWire. LimeWire (and other peer-to-peer sharing applications and download torrents) are hotbeds of potential software issues waiting to happen to your Mac. Everything from changing permissions to downloading trojans and other malicious software can be acquired from using these applications. Similar risks apply to using Facebook, Twitter, MySpace, YouTube and similar sites which are prone to malicious hacking: http://news.bbc.co.uk/1/hi/technology/8420233.stm
  6. Resist the temptation to download pirated software. After the release of iWork '09 earlier this year, a Trojan was discovered circulating in pirated copies of Apple's productivity suite of applications (as well as pirated copies of Adobe's Photoshop CS4). Security professionals now believe that the botnet (from iServices) has become active. Although the potential damage range is projected to be minimal, an estimated 20,000 copies of the Trojan have been downloaded. SecureMac offer a simple and free tool for the removal of the iBotNet Trojan available here:
  http://macscan.securemac.com/files/iServicesTrojanRemovalTool.dmg
  Also, there is the potential for having your entire email contact list stolen for use for spamming:
  http://www.nytimes.com/2009/06/20/technology/internet/20shortcuts.html?_r=1
  NOTE: Snow Leopard, OS 10.6.x, offers additional security to that of previous versions of OS X, but not to the extent that you should ignore the foregoing:
  http://www.apple.com/macosx/security/
  Apple's 10.6.4 operating system upgrade silently updated the malware protection built into Mac OS X to protect against a backdoor Trojan horse that can allow hackers to gain remote control over your treasured iMac or MacBook.
  http://www.sophos.com/blogs/gc/g/2010/06/18/apple-secretly-updates
  Finally, do not install Norton Anti-Virus on a Mac as it can seriously damage your operating system. Norton Anti-Virus is not compatible with Apple OS X.
  And if you are using iPhone Apps you are also at risk of losing all privacy:
  http://www.engadget.com/2010/10/03/hacker-claims-third-party-iphone-apps-can-tra nsmit-udid-pose-se/