7 Replies Latest reply: Apr 6, 2012 1:38 PM by X423424X
William Buckingham Level 1 (0 points)

Little Snitch blocked the connection attempt above this morning.


I checked my home folder and sure enough, there is a .null executable that was evidently installed there on March 27. There is also a a corresponding .plist for .null.


It would appear that because I did not allow the connection that the actual malware payload was never delivered as none of the command line checks recommended by users on these boards shows any sign of infection.


I have copied, zipped and quarantined the executable and .plist file if anyone can point me in the direction of someone who would be interested in checking out this variant.

MacBook Pro, Mac OS X (10.6.8)