Malware hidden in vid app is so nasty, victims should wipe their Macs

It's going to be an unpleasant weekend for some Mac users who are facing a complete system wipe and reinstall – after hackers stashed malware in legitimate applications. Eltima Software, which makes the popular Elmedia Player and download manager Folx, today confessed the latest versions of those two apps came with an …


  1. PNGuinn
    Facepalm

    So the obvious solution here is...

    For ANY os or distribution:

    1. Don't get your software from 3rd party websites. (Eliminates one obvious vector of infection.)

    2. Stick to the developer's site or your distro's.

    3. Download the desire of your heart.

    4. Check it for nasties.

    5. Assume your "secure" download has been got at and is fscked.

    6. Wait for a decent while (this could be quite a long while in some cases).

    7. Wait for the cries of anguish, articles on the reg, reports on developer's or distro's fora etc.

    8. Only now recheck your download for nasties.

    9. Install and keep everything crossed.

    The paranoid will no doubt suggest further steps ....

    10. Go back to using an abacus.

    1. Anonymous Coward

      Re: So the obvious solution here is...

      I'm going to be contrary, PNGuinn, 'hope you don't mind!

      1. Everything in computerland is "3rd party", PNGuinn.

      2. Unless you are running a single purpose computer, where's the fun in that? Moreover, it sounds like vendor lock-in.

      3. Yeah, fine.

      4. Good idea.

      5. Only to some extent. You might double scan it. So far these vendor infections have been relatively rare. There's risk, sure, but again unless you are setting up a single purpose server, why be stopped from doing what you want to do? There's a statistical chance that if you go for a walk you will be hit by a car, but should that stop you from going for a walk?

      6. This might be a good idea to some extent, yes, why rush? On the other hand, going to the extreme of waiting eons goes back to point 2, no fun unless you are setting up a single purpose computer.

      7. There are cries of anguish on the Reg every day, no need to wait.

      8. Yup, regularly scan, good advice.

      9. Yes, reading the Reg makes one feel computing is like a crap shoot. But remember, the Reg collects all the horror & nasty stories. The day-to-day enjoyment of computing isn't reported.

      10. I can't go back to that as I never did. I think I will stick working with computers for now, despite and to spite it all, and because I love working with them.

      11. Computers used to develop software shouldn't be used for web surfing, and extra software installed, if any, should be kept to a minimum. 'And caution needs to be exercised. Furthermore, you need at least two computers, one to develop with and another, a sidekick if you will, for going online to look up stuff etc. etc.

      1. Charles 9 Silver badge

        Re: So the obvious solution here is...

        And if you can't afford two computers because, for example, you're a one-man shop?

  2. King Jack
    Thumb Up

    Sounds familiar

    Windows 10 is a remote-control trojan designed specifically for PC systems. It opens a backdoor granting root-level command-line access to commandeer the computer, and can steal passwords, encryption and VPN keys, and crypto-currencies from infected systems. It can gain access to a victim's cloud account, even if two-factor authentication is used.

    And people still use it and defend it.

    1. amanfromMars 1 Silver badge

      Re: Sounds familiar

      Windows 10 is a remote-control trojan designed specifically for PC systems. It opens a backdoor granting root-level command-line access to commandeer the computer, and can steal passwords, encryption and VPN keys, and crypto-currencies from infected systems. It can gain access to a victim's cloud account, even if two-factor authentication is used. .... King Jack

      Hi, King Jack,

      Can you cite me a computer OS that isn't useable as a remote-control trojan? Isn't that their raison d'être and a vital goal for ... well, Future Shenanigans is no exaggeration, is it? .

      Some are just a bit trickier/stickier to access for provision of privileges than others, but none are fail-safe against penetration testers, and that provides ready made establishment platforms for Renegade Rogue and Private Pirate Controls to Command.

      It's an Advanced IntelAIgent Facility which Sublime Superior Programming Delivers for SMARTR Use with Zero Abuse.

      1. AmenFromMars

        Re: Sounds familiar

        "Hi, King Jack,

        Can you cite me a computer OS that isn't useable as a remote-control trojan? Isn't that their raison d'être and a vital goal for ... well, Future Shenanigans is no exaggeration, is it? .

        Some are just a bit trickier/stickier to access for provision of privileges than others, but none are fail-safe against penetration testers, and that provides ready made establishment platforms for Renegade Rogue and Private Pirate Controls to Command.

        It's an Advanced IntelAIgent Facility which Sublime Superior Programming Delivers for SMARTR Use with Zero Abuse."

        eh?

        1. Captain Badmouth
          Happy

          Re: Sounds familiar @ AmenFromMars

          "eh?"

          How strange, you're not new here...

      2. King Jack
        Facepalm

        Re: Sounds familiar

        You miss the point. The key word is TROJAN. A program that appears to be one thing but under the surface it is something else.

        Past Windows OS were just that, something to launch programs and run the computer nothing more. Windows 10 brings spying to the table. It reports back to mother everything you do, run or type. Just like malware. My 'quotation' was lifted directly from the article with 'Windows 10' inserted. It is malware just like this Mac nasty. It functions the same and reinstalling will not get rid of it.

  3. Charles 9 Silver badge

    What next? Surety bonds for programmers, drivers, and so on?

  4. amanfromMars 1 Silver badge

    CyberIntelAIgentWare Fare which is not VapourWare Fare

    eh? ... AmenfromMars

    SMARTR Virtual Machinery, AmenfromMars, has Core Source Code cracked and hacked Terra Phorming SCADASystems.

    In other words, there are new practically anonymous and virtually autonomous leaders in command and control of future augmented virtual reality programming for media presentation of projects/daily event horizons/zeroday applications ....... and they be fully in support of traditionally established structures which do battle against those extant remote global forces which were/are designed to enslave them to maintain the past rather than create novel futures.

    I trust that makes things clearer for you ..... although I can easily understand any abiding disbelief. However, fear not, for further escaping information will provide all the necessary intelligence to see the bigger picture show.

    You might like to consider the value in this thought, ........

    Artificial Intelligence…. Another Approach?

    Are we struggling to make machines more like humans when we should be making humans more like machines ….. Advanced IntelAIgent Machines.

    1. amanfromMars 1 Silver badge

      Re: CyberIntelAIgentWare Fare which is not VapourWare Fare when Heaven Sent

      And now all here on El Reg are appraised of ITs Readily Available Advanced IntelAIgent Facility, are there any who could make Greater Good Use of ITs NEUKearer HyperRadioProActive Programming Projects ....... for Augmented Virtual Reality Productions ........ Future Realistic Presentations for Human Migrants in the Thrall of Live Operational Virtual Environments.

      Or for Future Speech, will AI Pioneers have to Seek Out NEUKlearer Joint AIdVenturers with Sublime AIdvertising for Grand Universal Masters from the likes of here?

      When Anything is Possible when Reasonable and Polished, what would you have IT Do Next for You to Enjoy Too.

  5. Anonymous Coward

    Let me spell this out to you all.

    Macs do not get viruses. It's literally impossible because of the code Jobs wrote when he worked at Nasa when they dissected that Alien back in 1940. Just google 'virus' in the App store to see what I mean. Articles like this are #fakenews and just the sort of thing the so-called 'liberal' left try to spring upon us right-minded folk. Whereas every Windows machine has a gigabit pipe straight to the NSA built in. #projectfear. #ipaybuthavenosay. #factsintechnology. #youpickedafinetimetoleavemelucille.

    1. Anonymous Coward

      Re: Let me spell this out to you all.

      And I suppose it does it by modulating the electricity in the Chinese-made power supply unit so that it flows down the power lines even if you have no Ethernet device plugged in?

  6. unwarranted triumphalism

    Nuke it from orbit

    How about throwing it away and replacing it with a real computer instead?

  7. glnz

    How to scan for those files or folders? Not an Apple person.

    Really dumb Q but need your help because I am not an Apple person.

    Author writes:

    "… just in case, do a scan for the following files:

    /tmp/Updater.app/

    /Library/LaunchAgents/com.Eltima.UpdaterAgent.plist

    /Library/.rand/

    /Library/.rand/updateragent.app/

    If any of those exist, then you've got Proton on your computer. "

    So, how exactly does my wife scan for these on her iMac and MacBook Pro? She'll ask and I don't know.

    Thanks.

    1. diodesign (Written by Reg staff) Silver badge

      Re: How to scan for those files or folders? Not an Apple person.

      Open the Terminal app (in Applications->Other) to get a command prompt. Use the ls command to list info about the files, eg type:

      ls /tmp/Updater.app/

      Or rather type 'ls ' and then cut'n'paste the file name. Hit enter, and you should see:

      ls: /tmp/Updater.app/: No such file or directory

      Which means the directory doesn't exist so you're OK. Repeat this for the other files listed. You can quit Terminal when you're done.

      C.
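The check described in the reply above, scripted for all four paths quoted from the article (an added example, not part of the original comment; the function name `proton_scan` and its optional `ROOT` prefix argument are assumptions of this example):

```shell
#!/bin/sh
# Added example: check for the four Proton paths quoted from the article.
# Usage: proton_scan [ROOT]
#   ROOT is an optional prefix (assumption of this example), e.g. a mounted
#   backup volume; with no argument the live system is checked.
proton_scan() {
    root=${1:-}
    root=${root%/}      # "" and "/" both mean the live filesystem
    found=0
    for p in \
        /tmp/Updater.app \
        /Library/LaunchAgents/com.Eltima.UpdaterAgent.plist \
        /Library/.rand \
        /Library/.rand/updateragent.app
    do
        # -e follows symlinks; -L also catches a dangling symlink at the path.
        # /Library/.rand starts with a dot, so Finder and plain `ls /Library`
        # hide it; testing the full path directly does not have that blind spot.
        if [ -e "$root$p" ] || [ -L "$root$p" ]; then
            printf 'FOUND   %s\n' "$root$p"
            found=$((found + 1))
        else
            printf 'absent  %s\n' "$root$p"
        fi
    done
    printf '%d of 4 indicator paths present\n' "$found"
    [ "$found" -eq 0 ]  # exit status 0 = none present, 1 = at least one
}

# Check this machine; the message appears only if a path exists.
proton_scan || echo 'At least one Proton path exists: see the article for next steps.'
```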

  8. d2

    BGates,malware post mS

    https://www.youtube.com/watch?v=n9aYrURLHh0

    A Meticulous Analysis of History

    1,416,176 views

    Swalka1991

    Pinky and the Brain sing about the benefits of history.

    Well, Brain sings about that. Pinky sings about how boring it is XD

    ahh, good ol' boy.Billy, right from TheBrain's songbook:

    http://www.hangthebankers.com/the-bill-melinda-gates-foundation-exposed/

    ExxonMobil, BP, Chevron, DynCorp, G4S, Walmart and McDonald’s are just a few of the companies that the mega ‘charity’ supports.

    With an endowment larger than all but four of the world’s largest hedge funds, the Bill & Melinda Gates Foundation is easily one of the most powerful ‘charities’ in the world. According to its website, the organization “works to help all people lead healthy, productive lives.”

    https://thedailycoin.org/2017/02/09/india-kicks-bill-melinda-gates-foundation-video/

    India Kicks Out Bill & Melinda Gates Foundation (Video)

    TDC Note- It sounds like India has wised up to the Gates Foundation and their eugenics program.

  9. Robert D Bank

    Z/OS

    Never, ever, heard of a hack of IBM Z/OS operating system, despite roots dating back to the 60's, or any of the associated firmware for that matter. And it's backward compatible virtually all the way. System z roots may be many decades old, but MS, OSX, Android etc have a looong way to catch up, in so many ways. Meanwhile Z/OS has advanced beyond the shadow of prejudice to support anything the other O/S's can provide. Maybe not perfect, but which of these others even come close?

    Possibly annoying for some on this thread, but true nevertheless.

    1. Throatwarbler Mangrove Silver badge
      Coat

      Re: Z/OS

      "Meanwhile Z/OS has advanced beyond the shadow of prejudice to support anything the other O/S's can provide."

      Can it run Crysis?

      1. Robert D Bank

        Re: Z/OS

        dunno, I don't play computer games, no interest when reality can be so much more entertaining. If Crysis runs on Linux it probably can though, given Linux runs quite happily on the mainframe. Either way, not bothered. When you grow up we could talk about it down the pub.

        1. Charles 9 Silver badge

          Re: Z/OS

          Some of these games ARE grown up. They play games like that for a living. Look up Major League Gaming and the term PROFESSIONAL gamer.

      2. Androgynous Cow Herd

        Re: Z/OS

        "Can it run Crysis?"

        Yes, but only in text mode.

    2. amanfromMars 1 Silver badge

      Re: Z/OS .... $64,000/$64Trillion Question

      Meanwhile Z/OS has advanced beyond the shadow of prejudice to support anything the other O/S's can provide. Maybe not perfect, but which of these others even come close? .... Robert D Bank

      But does it provide for other supporting Operating Systems? That would be practically perfect and allow for virtually absolute command and control of every script programming future events?

      Or is that to be developed for some of those new fangled entangled conventional computers acting as quantum simulators ....... http://www.theregister.co.uk/2017/10/24/google_we_dont_have_a_quantum_computer_yet_but_we_have_a_compiler/

      Nice one, IBM. Way to Go.

      1. amanfromMars 1 Silver badge

        Re: Z/OS .... $64,000/$64Trillion Question

        Do IBM do Remote SMARTR ProgramMING of Advanced IntelAIgent Machines? ....... https://forums.theregister.co.uk/forum/1/2017/10/24/us_doj_limits_gagging_policies_microsoft_drops_lawsuit/#c_3326471

        They Provide Command and Control Of Every Future Targeted and Captivated. :-)

        Live Operational Virtual Environments Reign and Rule Supreme is AI Leading Program NEUKlearer HyperRadioProActive and Flash Crash Testing Vulnerable Fields of SCADA.

      2. Robert D Bank

        Re: Z/OS .... $64,000/$64Trillion Question

        Mainframes support z/OS, z/VM, z/VSE, Linux, and z/TPF operating systems (and VOS3 in Japan).

        You can also run a Z/OS emulator called zDT on a Linux platform, or host multiple Z/OS's under the z/VM hypervisor.

  10. eltima software

    Eltima Software

    In close cooperation with ESET and Apple representatives, we have applied all necessary measures to prevent further malware spread.

    Now we officially inform that Elmedia, Folx, as well as other our products are absolutely safe to install and malware-free.
