Posted on 02/06/2016 7:24:03 PM PST by Utilizer
A unique scareware campaign targeting Mac OS X machines has been discovered, and it's likely the developer behind the malware has been at it a while since the installer that drops the scareware is signed with a legitimate Apple developer certificate.
"Sadly, this particular developer certificate (assigned to a Maksim Noskov) has been used for probably two years in similar attacks," said Johannes Ullrich, dean of research of the SANS Institute's Internet Storm Center, which on Thursday publicly disclosed the campaign. "So far, it apparently hasn't been revoked by Apple."
Ullrich said he happened upon the scam while investigating some click-bait links on Facebook, below. One led him to emgn[.]com that he says was likely hosting a malicious ad that served a pop-up warning that his Adobe Flash Player was out of date. Ullrich was using a clean default install of OS X 10.11 in a virtual machine, and Flash was not installed on the image.
(Excerpt) Read more at threatpost.com ...
@SwordMaker for comment and analysis.
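The excerpt's key point is that a valid Apple developer signature proves who signed an installer, not that the signer is the vendor the "Flash update" prompt claimed. The following is an added example, not code from the article or from Apple: it parses constructed `codesign -dvvv` style output (the team ID and bundle identifier are placeholders; the vendor allowlist is an assumption) and flags an installer whose Developer ID belongs to someone other than the expected vendor.

```python
import re

# Constructed sample of `codesign -dvvv` output for a downloaded "Flash" installer.
# The field layout matches the real tool; the identifier and team ID are made-up
# placeholders, and the signer name is the one named in the article excerpt.
SAMPLE_CODESIGN_OUTPUT = """\
Executable=/Volumes/Installer/Install Flash Player.app/Contents/MacOS/installer
Identifier=com.example.flashupdater
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20200 size=1234 flags=0x0(none) hashes=30+3 location=embedded
Authority=Developer ID Application: Maksim Noskov (TEAMIDPLACEHOLDER)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=TEAMIDPLACEHOLDER
"""

LEAF_RE = re.compile(r"^Developer ID Application: (?P<name>.+?) \((?P<team>[A-Z0-9]+)\)$")


def parse_codesign(text):
    """Pull the bundle identifier, certificate chain and team ID out of codesign output."""
    info = {"identifier": None, "authorities": [], "team_id": None}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if not sep:
            continue
        if key == "Identifier":
            info["identifier"] = value
        elif key == "Authority":
            info["authorities"].append(value)  # codesign lists leaf first, root last
        elif key == "TeamIdentifier":
            info["team_id"] = value
    return info


def assess_installer(info, expected_vendors):
    """Return (verdict, reason). A trusted chain only tells you WHO signed;
    the signer still has to match the vendor the download claimed to be."""
    chain = info["authorities"]
    if not chain:
        return ("unsigned", "no Authority entries in the signature")
    if chain[-1] != "Apple Root CA":
        return ("untrusted", f"chain does not end at Apple Root CA: {chain[-1]}")
    m = LEAF_RE.match(chain[0])
    if not m:
        return ("untrusted", f"leaf is not a Developer ID Application cert: {chain[0]}")
    signer = m.group("name")
    if any(v.lower() in signer.lower() for v in expected_vendors):
        return ("expected-vendor", f"signed by {signer} ({m.group('team')})")
    return ("suspect", f"valid Developer ID signature, but signer is {signer}, not {expected_vendors}")


if __name__ == "__main__":
    print(assess_installer(parse_codesign(SAMPLE_CODESIGN_OUTPUT), ["Adobe"]))
```

On a real Mac the input would come from `codesign -dvvv <path> 2>&1`; a "suspect" verdict means the signature is technically valid (so Gatekeeper alone will not stop it) but the identity does not match what the prompt promised.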
How can I tell if I have that? My machine acts like it is going so slowly lately. Is there an honest site I can check it out?
I'm still running OS X 10.5.8. I can still play yt videos but not most other websites, and yt hangs a lot.
This happened to me a couple days ago. Don’t update Flash unless you do a lot of checking to make sure it is legit.
Mac forums suggested this to me:
Try downloading and installing EtreCheck and post the results. http://etrecheck.com/
It gives you a report on any problems.
I never update it until a few months have gone by on the Stable repos to verify it is a valid update. Thankfully the Ubuntu and Debian sources are extremely reliable.
The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.
If you want on or off the Mac Ping List, Freepmail me
So you like Ubuntu. Should I add it? What does it do I wonder?
My best advice? Don't use Flash. Period.
Alaska, don’t use Flash. The vast majority of YouTube video is now in HTML5, and will work fine on the Mac or iPads/iPhones without Flash.
Upgrade your Mac if your Mac can accept a later OS X.
Actually, I prefer Debian distros, but Ubuntu seems to be a bit more cutting-edge in some areas without treading too heavily into the Unstable/Testing (/cutting-edge) areas.
Still getting this main machine ready to revert back to a previous well-established stable distro, but have been busy evaluating some of the newer ones to see if they have more advantages. No luck so far...
Some websites still require Flash, mate. Hard to get around that until they find another way to proffer their wares, sad to say.
They aren't Apple Mac OS X utilities. They're versions of Linux, a Knox off of the underlying UNIX operating system of OS X, but really a completely different operating system. None of what you use on OS X will run on them.
You might also let him know that Unix is the root from which both Linux and OS X derive, not just that they are incompatible. As far as knock-offs, people differ on which is the greater, the various versions of Linux (and BSD, some would argue) or OS X instead.
Different people prefer different things, of course.
Not ones of any value, I've found. If they still insist on FLASH they don't get my business. Most of what I've seen that require Flash are ads. When I run across a major website that still requires Flash, I write to the CEO of the sponsoring company, not the IT guy building the site, he's too stupid to write to, telling him how his IT/webmaster is giving his company a bad reputation by forcing potential customers to load a malware magnet on their computers to buy his products or use his service. I'm quite specific about it and include links to articles on the failings of Flash and the constant number of zero day vulnerabilities and exploits. I also demonstrate there's a reasonable substitute that exists in the HTML5 standard code. I then ask "Are you in the business of selling your products/services, or in the business of supporting and advancing Adobe's bug filled product?" You'd be surprised how often that gets results and how quickly!
But is HTML5 really all that helpful? In the past few months, I have found that attempting to view vids running Firefox on the YouTube site after just a few views the browser comes to a complete halt and I must necessarily halt the process and restart it to view the rest of the video I wish to access.
Granted, that may be a personal computer problem with the setup I have here, but considering how careful I am about allowing upgrades to the system and only connecting to Stable repos, I am for the moment quite severely concerned about why this is occurring.
I am concerned that the HTML5 standard is beginning to cause more problems than solved with the elimination of the Flash standard.
You are aware that OS X is not just considered a derivation of UNIX, but is in fact a certified, POSIX compliant Trademarked UNIX itself, one of only four so permitted to be Trademarked, and in fact the best-selling UNIX in the world, aren't you? It is not considered a knock-off, such as Linux, which was created in a "clean-room" environment, reverse-engineering every UNIX command to duplicate the results of that command without duplicating any copyrighted code.
Spell check works in mysterious ways. How did "knock-off" in my original post get changed to "Knox" and why? Even more curious because it was correct when I hit 'Post'. Whose spell checker would have "knock-off", which is a euphemism for both "kill" and "burglarize/rob" AND the word "Knox" with an upper case "K" as in "Fort Knox" in its dictionary as potential substitutions? Secondly, where is this spell checking computer which would possibly be loading my posting and altering the reply? I just tried "knock-off" and variations on my computer and not once did it do a substitution of "Knox" for any possible misspelling I may have made. Weird.
It makes me think more and more there's an intercept server between FR's users and FR which gets our postings first, a man-in-the-middle, listening in, and copying (and censoring) everything before forwarding it to JR's real servers. I know that, in the past, when I've posted the pings, which have had upwards of 500 names on the "to:" list, I'd strangely and frequently get the ping double posted, as though there were a delay between hitting post and the actual posting, then another would be also sent when I know I had not hit Post twice. I chalked it up to hiccoughs in the network and would request the admins delete one.
I'd be far more suspect of Firefox than HTML5. Firefox has been developing some problems of late, so much that there have been some forks being developed by third parties and even, IIRC, by the originator of Firefox because he was not happy with the mess of a Christmas tree that Firefox has become with all the bells and whistles being hung all over it, with their potential for bollixing up everything. I saw one Firefox install the other day that had two and three differing versions of the same plug-ins all working at the same time. The owner of the Windows machine was wondering why it was so slow at browsing. She was one who always said yes to installing anything that "enhanced" her browsing experience. SHEESH. I deleted almost all of them and it was amazing how fast Firefox became. Now, why did the underlying Firefox framework allow multiple versions of plug-ins from the same vendor, doing the same identical things, to install without removing or overwriting the previous version? I don't know; I didn't have time to go exploring her system registry to find out what was screwed up there. She's buying a new computer soon so it wasn't worth the extra time to fiddle with.
I can upgrade my Mac, will have to pay, and I worry about messing the OS up; I need to upgrade to the latest if it will take it. I talked to Apple tech too far back to remember what they told me.
I looked at that app, it appears safe, will deal with it tomorrow if I can.
How do I disable Flash? Go to Safari>Preferences>Security>uncheck enable plug-ins, uncheck Java?, uncheck enable JavaScript.
Also don't have popup windows blocked, there's a reason for that.
I've been wondering if the pages I visit, they fill them up with adware from places I've visited, they have to collect that crap from servers all over the place, if they are slow, it seems like that could be part of it.
Also I've developed a bad habit of having too many windows open at once, don't use tab browsing. The open windows often have things scrolling, etc., not clean and neat like FR.
I've been making a point to try to remember to close the worst offenders as soon as I'm done with them, local paper, ABC, my ISP news feed has a scroller, and so on.
And thank you. I really appreciate the help. Sometimes I can find it by googling but the thread was just sitting in front of me . . . . .I'll let you know what I've done, have some things to do offline first.
Adobe is now helpful in removing Flash: Uninstalling Adobe Flash Player on Apple Mac Help Page.
Alaska, turn on tabbed browsing right away! Your life will be much simpler, and you can still have multiple windows if you want. Just drag a tab off the current tab bar and it will create its own window!
Get Ad-Block Plus immediately. Use it. Some sites act aggrieved, but you can turn it off on an as needed basis from a menu bar icon, or you can green light certain websites to allow ads. Again it will make things much more pleasant.
The newest Safari browser allows you to silence players on the tab so you don't have to go hunting for what's playing.