[MacTUG] OSX/MaMi Malware Hijacks DNS, Takes Screenshots, More - The Mac Observer
m3griffi
m3griffi at uwaterloo.ca
Wed Jan 17 09:38:17 EST 2018
This is unlikely in our environment but better safe than sorry.
Marlon
"""
It’s easy to tell if you’ve been hit with OSX/MaMi by checking the DNS
entries on your Mac. You can do that by going to Apple menu > System
Preferences, Then do this:
Select Network
Click Advanced
Choose the DNS tab
Look for 82.163.143.135 and 82.163.142.137
If you see either of those IP addresses your Mac has been hit with
OSX/MaMi. It’s unclear right how which files need to be removed from
your Mac to remove the threat. Changing the DNS entries to something
else, like Google’s 8.8.8.8, seems to fix the problem for now.
As always, you can minimize the risk of installing the malware by
avoiding websites you don’t trust, not clicking on pop-ups or other
alerts on webpages, and not clicking links in email messages from people
you don’t know.
https://www.macobserver.com/news/osx-mami-malware-hijacks-dns/
"""
More information about the MacTUG
mailing list