SNGX1275
Posts: 10,615 +467
MilwaukeeMike - For now, it apparently is just checking in with botnet servers. I presume that it could so something malicious in the future, like use all the infected comps to attack a website. I haven't heard about it gathering data sniffing for passwords or anything, but I suppose that is a possibility too.
As I mentioned above (in response to the contents of the article) this thing doesn't attempt to install itself anymore once it discovers if you have any AV (or in the second instance if you have word, office, skype). It actually goes so far as to remove itself if it finds those. It is actively doing this.. for what reason? I don't know that answer, and why those apps? Wouldn't put it past some security consultant to have created this for one or more AV producers for Macs. I'm not saying thats the case, esp by backing out (if you didn't give it your password) when it sees word, office or skype. But it is odd.
As I mentioned above (in response to the contents of the article) this thing doesn't attempt to install itself anymore once it discovers if you have any AV (or in the second instance if you have word, office, skype). It actually goes so far as to remove itself if it finds those. It is actively doing this.. for what reason? I don't know that answer, and why those apps? Wouldn't put it past some security consultant to have created this for one or more AV producers for Macs. I'm not saying thats the case, esp by backing out (if you didn't give it your password) when it sees word, office or skype. But it is odd.