Spyware on my MacBook?

ever since i did the 10.4.11 update with the safari 3 my mac mini has a redirect on certain adult web pages. i do not have this problem on my ibook that does not have the update. apple seems to be doing like those clowns at microsoft putting out a bad product...i also have the bookmark issue that everyone is complaining about. this is not good for apple. help me.

Add another to the list. Similar story happened to me today, except it was on the crowd pleaser, Myspace. Went to check a "friend request," which when I checked the page it was a redirect to another non-myspace site:

http://winupdates.microsofm44.cn/updateKB890830.exe, http://profile.myspace.com/indexcfm/fuseaction=user.viewprofile&friendid=9082656 0

Got to that redirect site and it began downloading updateKB890830.exe to my computer. Was able to stop it by clicking in the download window, but not through Safari. Any time I clicked anything in Safari it would begin the download again.

The funny thing is, although the .exe tag would make one think Windows directed software, after that download Safari would not work consistently and crashed about 8-times...closed with no warning with a "do you want to send this Apple" dialog box. No problem using Firefox, but Safari kept crashing until I restarted my computer.

Also saw reference to a story recently on Financial Times about issues with Mac security now-a-days. As it was behind a log in wall, could only read the summary, but odd timing for sure.

The article:

http://preview.tinyurl.com/3ywpoo

Just interesting I guess, but a bit disturbing that my browser was messed up in the process. Since then, just been using Firefox.

dp

Malware got into Doubleclick and into Google. Once there, it is in, and stays in Google's cache.

They are fake, trying to get you to click on, or fill out "survey" or "tell us why you visit" etc.

You can do some filtering at the router. As for Little Snitch, I moved to NetBarrier which has more robust intrusion detection. There were other issues, but I haven't needed to look at the latest versions of LS.

Try using NoScript with Firefox, and only allow javascript when needed, but even 'trusted sites' will still have and use Doubleclick. And Google is.... pervasive.

eWeek, ComputerWorld, and other news and security sites are good to check daily as this is month old news.

DNS attack could signal Phishing 2.0
'Open recursive' DNS servers could redirect users to phishing sites, researchers say
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleI d=9052198

Researchers at Google Inc. and the Georgia Institute of Technology are studying a virtually undetectable form of attack that quietly controls where victims go on the Internet.

The study, set to be published in February, takes a close look at "open recursive" DNS servers, which are used to tell computers how to find each other on the Internet by translating domain names like google.com into numerical Internet Protocol addresses. Criminals are using these servers in combination with new attack techniques to develop a new generation of phishing attacks.

The researchers estimate that there are 17 million open-recursive DNS servers on the Internet, the vast majority of which give accurate information. Unlike other DNS servers, open-recursive systems will answer all DNS lookup requests from any computer on the Internet, a feature that makes them particularly useful for hackers.

Trojans Get Agile with Web 2.0 Tricks

Malware that researchers have dubbed "Trojan 2.0" is using RSS feeds to communicate.
http://www.security.ithub.com/