Apple Snubs Firm That Discovered Mac Botnet, Tries To Cut Off Its Server Monitoring Infections

Forbes ^ | April 9, 2011 | Andy Greenberg

[PA Engineer]

I am still not finding ANY infected Macs... not one.

Asked around here. No one has had the problem. I asked my brother who works with a major bank on the Mac platform. His response was a simple "meh." I'm only seeing the problem here on FR amongst non-mac users. SSDD.

[TXnMA]

I checked for it with Unix via Terminal (comes with OSX). It's not on my MBP...

~~~~~~~~~

To see if your Mac is infected:
In Terminal:

go to SHELL / New Command

paste in the bold line below

defaults read /Applications/Safari.app/Contents/Info LSEnvironment

-- and RUN.

You should get this error:

The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist

Then run:

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

You should get this error:

The domain/default pair of (/Users/YOURUSER/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist

If you do, you are clean of this variant!

~~~~~~~~~~~

(Can't hurt anything; those are read-only commands...)

[TheBattman]

So a company that supposedly specializes in computer security actually is the perpetrator in this attempt to attack Macs... at least that is what this all appears to boil down to. They have been caught red handed, Apple is trying to force a shutdown of the servers playing “host” to the attack attempts.

I still say Symantec, McAfee, and others have done similar... a good way to generate business (tinfoil hat is firmly in place).

And as I have read many articles on this supposed “widespread infection” - I have actually found no actual userland reports of said infection, but lots of paranoia.

[antiRepublicrat]

Historically, Apple hasn’t had a very good relationship with security researchers. Most companies don’t. It took a long time for Microsoft to wake up and realize they essentially constitute free security research for the company.