TENCENT QQ Trojan on Mac

Hi,
After researching on Google, my friend and I have determined that I have the Tencent QQ trojan. I'm not surprised that its a QQ trojan because I use QQ (an instant messenger service in China). Apparently, the company openly recognizes that they put malware on your computer, but I never investigated it, never knew it, and assumed it could never happen on a Mac. My situation now is that I have this trojan (which exists on a Mac, according to several pages I found on Google) and I don't know what to do. Right now, I'm running ClamXAv to see what it finds. MacScan found nothing. Any help would be appreciated. Thanks.

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have announced the discovery of the first virus for the Apple Mac OS X platform. The virus, named OSX/Leap-A (also known as OSX/Oompa-A) spreads via instant messaging systems.
The OSX/Leap-A worm spreads via the iChat instant messaging system, forwarding itself as a file called latestpics.tgz to contacts on the infected users' buddy list. When the latestpics.tgz archive file is opened on a computer it disguises its contents with a JPEG graphic icon in an attempt to fool people into thinking it is harmless.
Some owners of Mac computers have held the belief that Mac OS X is incapable of harboring computer viruses, but Leap-A will leave them shellshocked.
The worm uses the text "oompa" as an infection marker in the resource forks of infected programs to prevent it from reinfecting the same files.
"Some owners of Mac computers have held the belief that Mac OS X is incapable of harboring computer viruses, but Leap-A will leave them shellshocked, as it shows that the malware threat on Mac OS X is real," said Graham Cluley, senior technology consultant for Sophos. "Mac users shouldn't think it's okay to lie back and not worry about viruses."
Sophos customers have been automatically protected against the worm since 12:25 GMT, 16 February 2006.
"This is the first real virus for the Mac OS X platform," continued Cluley. "Apple Mac users need to be just as careful running unknown or unsolicited code on their computers as their friends and colleagues running Windows."
Sophos advises all computer users, whether running PCs or Macs, to practise safe computing and keep their anti-virus software updated.
Is Leap-A a virus or a Trojan?
Some members of the Apple Macintosh community have claimed that OSX/Leap-A is a Trojan horse, and not a virus or worm, because it requires user interaction (the user has to receive a file via iChat, and manually choose to open and run the file contained inside).
However, this is not the definition of a Trojan horse.
A Trojan horse is a seemingly legitimate computer program that has been intentionally designed to disrupt and damage computer activity. Importantly, Trojan horses do not replicate or have any mechanism of spreading themselves. They have to be deliberately planted on a website, or accidentally shared with another user, or spammed out to email addresses. There is nothing inside a Trojan's code to distribute themselves further to other victims.
Trojan horses do not contain any code to distribute or spread themselves, viruses and worms do.
OSX/Leap-A is programmed to use the iChat instant messaging system to spread itself to other users. As such, it is comparable to an email or instant messaging worm on the Windows platform. Worms are a sub category of the group of malware known as viruses.
Therefore, it is correct to call OSX/Leap-A a virus or a worm. It is not correct to call OSX/Leap-A a Trojan horse.
This is one of many. All the users out their that assume they will remain safe are in denial. More harmful material is being aimed at Mac daily.
I use no AV ware, and I consider myself safe, I just thought I'd offer good reading.
Ray

Similar Messages

  • Malware - trojan on mac

    hi all.
    I just had an experience where my emai account running through mac mail was spamming thousands of emails to the world. I was getting over 2000 replied emails  with address unknown, can't find server and all of those kinds of errors. my hosting company thinks that my computer was infected with a trojan or malware, but I was under the impression that mac's don't get viruses.
    They have changed my password and my cpanel log in for security and have asked me to check me system
    can you guys lend me more information on what I can use or what I shoudl look for that may have caused this issue?
    thanks
    bret

    thanks for the reply guys.
    Here is a full email message. I don't know if they are being sent from my computer or not. I am not seeing anything in the outbox that is being sent, but I am receiving the following or have been receiving the following in the thousands.... I am using imap services and not pop.
    This is the mail system at host gateway07.websitewelcome.com.
    I'm sorry to have to inform you that your message could not
    be delivered to one or more recipients. It's attached below.
    For further assistance, please send mail to postmaster.
    If you do so, please include this problem report. You can
    delete your own text from the attached returned message.
                      The mail system
    <****>: host ****[204.127.217.21] said: 551
       not our customer (in reply to RCPT TO command)
    Reporting-MTA: dns; gateway07.websitewelcome.com
    X-Postfix-Queue-ID: D9CF85FB9A267
    X-Postfix-Sender: rfc822; ****
    Arrival-Date: Fri, 10 Jan 2014 18:04:25 -0600 (CST)
    Final-Recipient: rfc822; ****
    Action: failed
    Status: 5.0.0
    Remote-MTA: dns; ****
    Diagnostic-Code: smtp; 551 not our customer
    From: "Richelle Wayne" <****>
    Subject: ṼĭẳǴṙẳ
    Date: 11 January 2014 11:04:21 am AEDT
    To: ****
    <Email Edited By Host>

  • Trojans on Macs via Internet links possible?

    Hi,
    Still a bit new to Macs and so far they've been excellent. No crashes. But I'm wondering if it's possible to have installed a trojan (such as spyware or keylogger, etc.) by clicking on an internet link. A poster on a discussion forum where the link was located, said it had a trojan_exploit attached - and I don't know if that poster is a windows user or a mac user..
    So, has anyone heard of Intel Macs being infected with malware/spyware like this and thus having their personal info, location, etc. made vulnerable? And if so, how would one find and remove it? I have ClamX but it doesn't scan the entire hard drive at once so it seems kind of difficult to know where to start.
    Thanks.

    Hi, Cowfreek.
    AFAIK, the "drive by" type of infection you describe has not been seen for Macs to-date. However, that's not to say people aren't trying to be the first to develop a major Trojan or virus for Mac OS X.
    See my "Detecting and avoiding malware and spyware" FAQ for my recommendations as well as a list of some recent Mac OS X security threats that have emerged, including Trojans, rootkits, and spyware. The FAQ also addresses some of the usual arguments against installing an anti-virus solution on a Mac that often arise in discussions of this topic.
    While some believe that anti-virus solutions are not required on a Mac, I feel that's ignoring the fact that threats are emerging and that security exposures continue to be found, albeit eventually closed, in Mac OS X, as in any other operating system. Even Apple now recommends that one should "check for viruses."
    Good luck!
    Dr. Smoke
    Author: Troubleshooting Mac® OS X
    Note: The information provided in the link(s) above is freely available. However, because I own The X Lab™, a commercial Web site to which some of these links point, the Apple Discussions Terms of Use require I include the following disclosure statement with this post:
    I may receive some form of compensation, financial or otherwise, from my recommendation or link.

  • New Mac Trojan

    http://www.zdnet.com/new-mac-trojan-installs-silently-no-password-required-70000 01519/
    How to protect yourself.
    1) Launch the Terminal app
    2) Enter in the command line
    sudo ipfw add 1000 deny all from any to 176.58.100.37
    3)Enter Password
    Your firewall is now updated to protect against this trojan.

    As Terence says, a trojan is NOT a virus.
    It may seem like a minor distinction, but a virus can come onto a computer via an e-mail attachment, embedded into an email, or something loaded from the internet, CD/DVD, USB drive, etc., then replicate itself to, say, everyone in your address book, +all without any action by you+. There are hundreds of thousands of them for PCs. At the moment, for Macs there are exactly zero known viruses. None. Zip. Zilch. So don't panic.
    It is possible, though, for you to get one of these. It won't do any harm on your Mac, but if you send it to a PC user, it may spread. If you want, you can get anti-virus software for this purpose. The one I see recommended most is ClamXav, and is free. Like many Mac users, I don't run any.
    There is malware, including trojans, for Macs, though far fewer than for PCs. As reported, all these require some action by you -- and in those cases where they come with pirated software, you obviously would have to be a thief, too (poetic justice?).
    Here's a similar thread, with some recommendations: http://discussions.apple.com/thread.jspa?threadID=1797574

  • Apple insider say there are Two new trojan horses threaten Mac software

    Yes it says pirates downloading iworks etc, and before you all ask no I don't have it.
    Either this is a scam or is this the first Mac trojan? Im woried as I have never had anything bad happen to my Mac. Shall i get anti virus? I dont use torrent sites any way, but if they can effect Mac programs could it affect my emails?

    As Terence says, a trojan is NOT a virus.
    It may seem like a minor distinction, but a virus can come onto a computer via an e-mail attachment, embedded into an email, or something loaded from the internet, CD/DVD, USB drive, etc., then replicate itself to, say, everyone in your address book, +all without any action by you+. There are hundreds of thousands of them for PCs. At the moment, for Macs there are exactly zero known viruses. None. Zip. Zilch. So don't panic.
    It is possible, though, for you to get one of these. It won't do any harm on your Mac, but if you send it to a PC user, it may spread. If you want, you can get anti-virus software for this purpose. The one I see recommended most is ClamXav, and is free. Like many Mac users, I don't run any.
    There is malware, including trojans, for Macs, though far fewer than for PCs. As reported, all these require some action by you -- and in those cases where they come with pirated software, you obviously would have to be a thief, too (poetic justice?).
    Here's a similar thread, with some recommendations: http://discussions.apple.com/thread.jspa?threadID=1797574

  • The reason for very little viruses on MACs

    As far as I know, there are very few viruses that are spread through the internet that cause harm to a mac. I'm going to purchase an macbook within a couple months and was just curious what it has in terms of virus protection, if any. Are there just not many viruses made to attack OSX or does the OS have that high quality of virus protection? Any other details would be appreciated. Thanks

    I disagree with that assessment.
    Consider hackers who write viruses to be thieves. A thief is not going to try stealing $1000 from a bank safe deposit box if he/she knows there is $1000 in a padlocked gym locker.
    It is very difficult to do anything valuable with a Mac OS X exploit, even when a vulnerability is discovered. You can't take over the overall system and turn the Mac into the hacker's robot. You can't create malware that self-replicates to other Macs. You can't modify the system without Mac OS X requesting admin user authentication. You can't even trick the user into running a trojan without Mac OS X flashing up a warning about running program "abc," which was downloaded from the Internet, for the first time. It's just not worth the effort...
    Windows is the low-hanging fruit; that's why it's the target of hackers. It's not because of market share, so the threat of Mac OS X viruses will not suddenly increase because Mac OS X market share is increasing.

  • Mac Defender - contact info for money back?

    I just installed Macdefender after it said my macbook is infected with a bunch of virus and I even paid for it ($99)! I saw all the warnings and got panicky about it and just used my credit card to pay for it!
    After reading the comments here I now know that I don't need it on my macbook - the way they tricked me into buying it was not right... (it wasn't done in a way like a normal 'scam' ... the graphics/wordings they used were very 'Apple' style and made me think that it was messages coming directly from Apple!)
    Any chance someone here knows how to get in touch with them about this?!
    Thanks!!

    ou may a trojan called  Mac Defender   / Protector / Security
    They are probably located in Eastern Europe and they have thier on fake call centre.
    Contact your bank to cancel your card.
    Check you downloads folder and apps folder to see if it is there If  you not find it
    -If go to safari, preferences, general, deselect  - open all safe downloads ( may not be exact wording)
    If you find it go to  DO NOT SIGN UP or GIVE CREDIT CARD INFO....
    Go to acitivity monitor in ultilies - quit the program.
    trash it from downloads, app folder, remove for Login Item in accouns (sys. pref)
    Boot into safe mode - hold the option key down and when you restart the mac
    look at these locations to see if remains.... if found try removing them again
    Uncheck the safari pref as above
    I advise getting security software or wait for Apple to come up with a security fix

  • Do you need antivirus software for Macs?

    Hi there,
    I purchased a new iMac yesterday, and I was wondering if I need antivirus software for it?  Thanks!

    There are two trains of thought here. Ultimately you'll need to decide which one fits you and your usage.
    In general, there are no true viruses on Mac OS X - that is, no software that can just infect your machine and self-replicate without any user involvement.
    However, that's not to say that malware doesn't exist. There are several known trojans on Mac OS X - software that's advertised to do one thing but actually doesn't something else (generally malicious) behind the scenes. These applications typically use some social-engineering or other guise to fool you into thinking they're legitimate - for example, you might visit a web site that pops up a message saying you need a certain software update in order to access the site, along with a link to 'conveniently' install that software, only to find it's installing something completely different.
    The difference here is that trojan applications like this require some kind of user input and usually require you to authenticate your username and password in order to install. If you only install trusted software and are smart about knowing when you should/should not need to enter your password then you're pretty immune from such tricks. If there are multiple users on the machine (especially if they all have admin access), this problem becomes compounded since it only takes one person to let down their guard.
    Then, there's the third class of malware in which your machine becomes a vehicle for viruses, even if you're not affected yourself. A classic example here is email and/or distributing software that gets opened on othe platforms. For example, if you recieve a document that's infected with a Windows virus, it can and will do nothing on your machine. However, if you then forward that document to other users, they may open it thinking it's trusted (it came from someone they know), only to find it infects their machine.
    This kind of problem is more prevalent in mixed-platform corporate environments, and is exascerbated when you consider that things like Microsoft Word documents and PDF files have been carriers of this kind of malware in the past.
    A good anti-virus application would detect and identify these kinds of malware, even though they cannot affect your machine itself.
    So, do you need anti-virus? Probably not if you're careful and don't share much content with other users (especially other users on other platforms). However, there's generally little downside to doing so.

  • Antivirus for Mac OS X 10.6 Snow Leopard

    Hi,
    I am new to the mac world, Can you advice me to find out the best Antivirus software for Mac OS X 10.6 Snow Leopard
    Thank You

    Hi, and welcome to the forums.
    There are no viruses that run on OSX. None. Zip. Zero.
    If you're running Windoze on your Mac, that's the same as running it on a PC, so it needs all the same anti-everything stuff you'd use on a PC.
    There is some "malware," such as Trojans, for Macs, though. But (unlike viruses that can get onto your system without your knowledge), you must approve their installation (via your Admin password) and/or operation (via the "This application was downloaded from the internet ..." prompt).
    Appropriately enough, some of these Trojans are included in pirated versions of Apple software, such as iWork!
    For the gory details, see Thomas Reed's [Mac Virus Guide|http://www.reedcorner.net/thomas/guides/macvirus].

  • Mac Defender

    How do I get rid of the Mac Defender

    ou may a trojan called  Mac Defender   / Protector / Security
    Check you downloads folder and apps folder to see if it is there If  you not find it
    -If go to safari, preferences, general, deselect  - open all safe downloads ( may not be exact wording)
    If you find it go to  DO NOT SIGN UP or GIVE CREDIT CARD INFO....
    Go to acitivity monitor in ultilies - quit the program.
    trash it from downloads, app folder, remove for Login Item in accouns (sys. pref)
    Boot into safe mode - hold the option key down and when you restart the mac
    look at these locations to see if remains.... if found try removing them again
    Uncheck the safari pref as above
    I advise getting security software or wait for Apple to come up with a security fix

  • Which is the best virus protector for mac as  i think something is accessing my internet and costing me  a lot from uploads, which is the best virus protector for mac as  i think something is accessing my internet and costing me  a lot from uploads

    which is the best anit virus protection to block forien uploads using my service provider as  there has been usage and i havent been  on the computor

    Hi Greg,
    Best protection is a really secure WPA2 Passwoird to join your Router... WEP or Open is worthless, WPA can be broken, but WPA 2 is still likely not to be broken fo awhile.
    Little Snitch, stops/alerts outgoing stuff...
    http://www.obdev.at/products/littlesnitch/index.html
    ClamXAV, free Virus scanner...
    http://www.clamxav.com/
    Free Sophos...
    http://www.sophos.com/products/enterprise/endpoint/security-and-control/mac/
    See if you might have this malware redirecting DNS queries...
    http://macmegasite.com/node/3924
    http://www.ehow.com/how_2128387_remove-osxrspluga-trojan-horse-mac.html
    How to fix...
    http://www.macosxhints.com/article.php?story=20071031114140862
    Get MacScan...
    http://www.apple.com/downloads/macosx/networking_security/macscan.html
    Malware  list....
    How to uninstall MacKeper...
    http://applehelpwriter.com/2011/09/21/how-to-uninstall-mackeeper-malware/
    https://discussions.apple.com/docs/DOC-3039
    http://x704.net/bbs/viewtopic.php?f=6&t=4479

  • Using another from address for Gmail account in Mac OSX Lion's Mail app

    Hi,
    On my iPhone I've set up gmail as an Exchange accout and when I send an e-mail, my from address appears to be the one I select as default address in gmail preferences.
    Is there any way to achieve this in Mac OSX Lion's mail application?
    Regards,
    Erdem Kucuk

    Hmmm, not sure what is going on, but from the Mail log, neither of those IPs have a name associated with them, 1st one is in Netherlands, 2nd one is iin Africa!???
    Any idea why it'd be looking those up?
    I wonder if your Facebook account has been hacked, or See if you might have this malware redirecting DNS queries...
    http://macmegasite.com/node/3924
    http://www.ehow.com/how_2128387_remove-osxrspluga-trojan-horse-mac.html
    How to fix...
    http://www.macosxhints.com/article.php?story=20071031114140862
    Known DNSChanger address ranges. Source: dcwg.org
    http://krebsonsecurity.com/2012/03/court-4-more-months-for-dnschanger-infected-p cs/

  • I have a mac and my friend has a pc with a web cam, sharing?

    how can i connect with my built in camera and his webcam, is it possible? how can it be done?

    Those are not only different ports (that are not listed) but different IP as well.
    You are not connected to one central Server but linked to as many as connections as you click OK to. (or are unaware of if you don't check).
    AS scb says I am less worried really about the issue of security as there has not been a Virus in the wild for OS X. That is not to say it will never happen.
    My view on this is that it is a risk I would not take about potentially putting myself in harm's way.
    It is about When Will a security problem be it virus or Trojan effect Macs rather than it has never happened so I am safe.
    See this story
    http://www.ambrosiasw.com/forums/index.php?showtopic=102379
    8:08 PM Tuesday; March 11, 2008

  • Why does my mac redirect me

    I have MacBook Pro 13 inch and almost everytime I search something it redirects me to websites like this.
    Its so frustrating!
    http://ed59.r.google.com/click?q=gofit%20madrid&lnk=http%3A%2F%2Fwww.go-fit.es%2 Fnoticias.html&ref=http%3A%2F%2Fwww.google.com%2Fsearch%3Fhl%3Den%26source%3Dhp% 26q%3Dgofit%20madrid.

    did you recently install flash from a website? what os are you on?
    http://www.ipadforums.net/off-topic/47434-flash-trojan-virus-macs.html
    are you seeing any of these symptoms?

  • Imac (intel) affected by flashback trojan?

    Does anyone know if the "flashback trojan" affecting the Imac (intel) machines?
    Or is it just the laptops?  How to check to see if computer is affected?
    Thanks, Charleed

    Below is a link with detailed instructions to tell if your system has been infected, the chances are very low it has though.
    http://osxdaily.com/2012/04/05/how-to-check-for-the-flashback-trojan-in-mac-os-x /
    To safeguard your system the basic rule of thumb is do not download from a site that isn't trusted and if you solicted and told your system is at risk or you must download something then you should be suspect.
    Also read the following article to learn how to safeguard  your system.
    http://osxdaily.com/2012/04/07/tips-secure-mac-from-virus-trojan/

Maybe you are looking for