User profile for user: Community User
Community User Author

OSX Bundlore virus: how to find identifiers

I have been getting attacked for a long time and apple support tries but it takes forever for me to be able to find/share what is happening.

Somehow, (early stages) my personal contacts card within my contacts app was traveling between each individual contact so it looked like my mac was claiming their contact info as my ID.

I poke through my keychain and am not a tach person and cannot identify what things are apple or others.

I was getting pop ups with various names including, “anonymousd helper needs keychain access”

I downloaded norton which found a player build (game center?) malware OSX.Bundlore.

Norton, nor my mac has any opportunities to provide “automatic style, right click for information” that would show the list of dates/times/locations/identifiers to help me decipher good from evil. I want to learn what I need to remove.

Where is the giant code bible for a virgin wanna be like me? How do I get control of these cyber attackers?

iMac 27″, macOS 13.3

Posted on Apr 27, 2023 9:31 AM

Reply

Similar questions

8 replies
User profile for user: MrHoffman
MrHoffman
User level: Level 10
154,653 points

Apr 27, 2023 9:53 AM in response to Community User

Ongoing issues are not going to get solved here, and you're not going to get any new advice here that you haven't already received and considered and acted upon, including suggestions from Apple, from whatever other postings you've made of this, and elsewhere.


Add-on anti-malware is too often junk. And some of it has corrupted systems.


As for Bundlore, that's some rather pernicious adware, and a reset and reload without restore—which has almost certainly been suggested—would have cleared that. Usual path that gets loaded is from torrents, from fake update ads, fake Flash updaters, and cracked apps and junk apps acquired from sources other than the app store or directly from the app vendors.


Here? With all that has likely happened, between this particular issue and previous efforts to remediate this and whatever else? Back up. Back up again. Wipe. Reset. Reload macOS. Migrate only documents. Then install apps from the Mac App Store only.


Erase your Mac and reset it to factory settings - Apple Support

How to back up your Mac - Official Apple Support


Reply
User profile for user: Community User
Community User Author

Apr 28, 2023 10:25 AM in response to Community User

I did the norton and malwarebytes which is how I discovered that malware. My brain is melting so I don’t have the names of what else appeared to be involved, however, in attempts to backup ipad to the mac, I found lots of files from Adobe and lots of action from them in my keychain. Those things were related to my vectornator svg files, and Adobe creative cloud app. FYI, I quit Adobe over a year ago because they were becoming invasive. I deleted all of my adobe apps except for two mobile apps to save the pics attached inside of them. I turned off permissions for any Adobe updates, left those two apps only on my phone and icloud. This was more than a year ago, too.

I think there could be some invasive attempts to hack the UI of my Apple related art apps. I do remember CG files and a root file with CGAdobe buried in my Apple HD disk space.

While I was poking around inside of files I transferred from ipad to mac, I saw some xml Adobe files that I tried to remove but they would not go away.

I have no idea if that stuff is directly related to the game center OSX.Bundalore but it may be.

Reply
User profile for user: Community User
Community User Author

Apr 28, 2023 1:38 PM in response to MrHoffman

So it is a waste of everyone’s time to post about Adobe related problems? Now, I’m really confused.

I found all of this stuff after I began moving files into the icloud before I turned my mac upside down and shook my whole history out of it.

I think you helped me, so thanks for that.

Reply
User profile for user: MrHoffman
MrHoffman
User level: Level 10
154,653 points

Apr 28, 2023 2:01 PM in response to Community User

Given these ongoing issues for “a long time”, you’ve undoubtedly already received good suggestions from your previous postings, and have acted appropriately upon those.


You will have wiped and re-loaded, which should have cleared ~everything.


Which means absent direct forensics, nobody here can determine if there was or is or can be a breach here, the extent of the breach if any, or whether there are other issues or concerns here, and what those might be.


Add-on anti-malware is too often capable of both false positives and false negatives, too.


And whether there are issues or details that might make you more or less of a target.


We’re on the far end of a text input box. Forensics and related requires access, time, effort, and investment.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

OSX Bundlore virus: how to find identifiers

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up