funsec mailing list archives
RE: mac trojan in-the-wild
From: "David Harley" <david.a.harley () gmail com>
Date: Wed, 31 Oct 2007 23:05:45 -0000
err doesn't virustotal only detect windows viruses?
Strictly speaking, VT doesn't detect anything. It just reports what certain scanners report. (I know that sounds patronizing: bear with me...) But a couple of those scanners should detect Mac malware. VirusBarrier isn't one of the scanners they use, though, and I haven't yet seen anything on this on the McAfee, Sophos or Symantec web sites. But that may only mean that those vendors haven't been able to secure a sample through "normal" channels -- Intego are long-established, but strictly Mac and a bit out of the mainstream.
They dont have virex listed in the scanners, but ClamAV could be the BSD version.. I guess
I don't think ClamAV does Mac-specific malware, generally, even ClamXav which is just the Clam engine on a Mac platform. If you respond to this, please don't go all anti-AV on me tonight: I've been mauled enough for one evening, and I'm just trying to help... -- David Harley AVIEN Interim Administrator: http://www.avien.org http://www.smallblue-greenworld.co.uk
-----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Dude VanWinkle Sent: 31 October 2007 22:30 To: Gadi Evron Cc: funsec () linuxbox org Subject: Re: [funsec] mac trojan in-the-wild On 10/31/07, Gadi Evron <ge () linuxbox org> wrote:http://sunbeltblog.blogspot.com/2007/10/screenshot-of-new-mac-trojan.htmlNot surprisingly (it is, after all, a Mac virus), VirusTotal has zerodetection on this
-JP _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- mac trojan in-the-wild Gadi Evron (Oct 31)
- Re: mac trojan in-the-wild Dude VanWinkle (Oct 31)
- RE: mac trojan in-the-wild Alex Eckelberry (Oct 31)
- Re: mac trojan in-the-wild Dude VanWinkle (Oct 31)
- RE: mac trojan in-the-wild Gadi Evron (Oct 31)
- RE: mac trojan in-the-wild David Harley (Oct 31)
- Message not available
- Re: mac trojan in-the-wild Gadi Evron (Oct 31)
- RE: mac trojan in-the-wild Alex Eckelberry (Oct 31)
- Re: mac trojan in-the-wild Dude VanWinkle (Oct 31)
- RE: mac trojan in-the-wild David Harley (Oct 31)
- Re: mac trojan in-the-wild Dude VanWinkle (Oct 31)
- RE: mac trojan in-the-wild David Harley (Oct 31)
- Re: mac trojan in-the-wild Dude VanWinkle (Oct 31)
- RE: mac trojan in-the-wild Alex Eckelberry (Oct 31)
- RE: mac trojan in-the-wild Gadi Evron (Oct 31)
- RE: mac trojan in-the-wild Larry Seltzer (Oct 31)
- Re: mac trojan in-the-wild Brian Loe (Oct 31)
- RE: mac trojan in-the-wild Nick FitzGerald (Oct 31)
- Re: mac trojan in-the-wild der Mouse (Oct 31)
- Re: mac trojan in-the-wild Dude VanWinkle (Oct 31)