Skip navigation

.null want to connect to krymbrjasnof.com-another Flashback variant

3493 Views 7 Replies Latest reply: Apr 6, 2012 1:38 PM by X423424X RSS
William Buckingham Calculating status...
Currently Being Moderated
Apr 6, 2012 1:10 AM

Little Snitch blocked the connection attempt above this morning.

 

I checked my home folder and sure enough, there is a .null executable that was evidently installed there on March 27. There is also a a corresponding .plist for .null.

 

It would appear that because I did not allow the connection that the actual malware payload was never delivered as none of the command line checks recommended by users on these boards shows any sign of infection.

 

I have copied, zipped and quarantined the executable and .plist file if anyone can point me in the direction of someone who would be interested in checking out this variant.

MacBook Pro, Mac OS X (10.6.8)

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.