[OS X TeX] OT: effective Macintosh Trojan in the wild
Peter Dyballa
Peter_Dyballa at Web.DE
Thu May 5 08:07:47 EDT 2005
Am 05.05.2005 um 09:07 schrieb Bruno Voisin:
> May 5 08:32:29 Portable-de-Bruno ipfw: Stealth Mode connection
> attempt to TCP 10.0.1.2:49987 from [...].73.26:80
> May 5 08:32:29 Portable-de-Bruno ipfw: Stealth Mode connection
> attempt to TCP 10.0.1.2:49986 from [...].73.26:80
> May 5 08:32:34 Portable-de-Bruno ipfw: Stealth Mode connection
> attempt to TCP 10.0.1.2:49965 from [...].87.2:80
>
Their targets are usually MS based. The PCs have sleepers that wait for
an outside call to become activated to distribute spam or to attack
some company. Since the 'developers' of that malware do not know where
the programmes wait inside the infected PCs, they have to scan from the
outside all IP adresses for responsive, open, ports. Could be that most
of the IP traffic is spam and such searching.
--
Greetings
Pete
The most exciting phrase to hear in science, the one that heralds new
discoveries, is not "Eureka!" (I found it!) but "That's funny..."
[Isaac Asimov]
--------------------- Info ---------------------
Mac-TeX Website: http://www.esm.psu.edu/mac-tex/
& FAQ: http://latex.yauh.de/faq/
TeX FAQ: http://www.tex.ac.uk/faq
List Post: <mailto:MacOSX-TeX at email.esm.psu.edu>
More information about the MacOSX-TeX
mailing list