Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
OS X Security

New OS X Backdoor Malware Roping Macs Into Botnet 172

An anonymous reader writes New malware targeting Mac machines, opening backdoors on them and roping them into a botnet currently numbering around 17,000 zombies has been spotted. The malware, dubbed Mac.BackDoor.iWorm, targets computers running OS X and makes extensive use of encryption in its routines, Dr. Web researchers noted. What's even more interesting is that it gets the IP address of a valid command and control (C&C) server from a post on popular news site Reddit. The malware is capable of discovering what other software is installed on the machine, opening a port on it, and sending a query to a web server to acquire the addresses of the C&C servers.
This discussion has been archived. No new comments can be posted.

New OS X Backdoor Malware Roping Macs Into Botnet

Comments Filter:
  • Well (Score:5, Funny)

    by Anonymous Coward on Thursday October 02, 2014 @07:28AM (#48045711)

    I'm sure the botnet just works and that its a great feature.....

    • by Anonymous Coward

      Reddit?

      Will this one be popularly known as the Hipster Virus?

  • by gnasher719 ( 869701 ) on Thursday October 02, 2014 @07:29AM (#48045715)
    There is really no information here. How does it spread? Does it spread through utter user stupidity, or is it actually dangerous? It says infected Macs are added to a botnet of 17,000 computers - is that 16,999 PCs and one Mac, or 17,000 Macs?
    • Re: (Score:1, Funny)

      by morgauxo ( 974071 )

      >>Does it spread through utter user stupidity
      Duh, you have to use a Mac to get it!

      • by Anonymous Coward

        Hold on there, now.

        Apple pays some fairly smart people to use Macs. It's not all hairdressers and graphics designers.

      • by smallfries ( 601545 ) on Thursday October 02, 2014 @08:43AM (#48046185) Homepage

        Well I'm a mac user and I think that you'll find that I am quite superior to you in every way.

      • by LWATCDR ( 28044 )

        Considering the number of Windows machines on botnets.....

      • by cant_get_a_good_nick ( 172131 ) on Thursday October 02, 2014 @11:25AM (#48047645)

        Hmm, I've been on UNIX since SunOS days and Solaris was the new kid on the block. I've written a device driver that shipped in a commercial UNIX kernel. That said, I chose as my desktop a hybrid BSD/Microkernel architecture with POSIX compliance and a modern GUI. Or in other words, a Mac.

        Macs are not stupid, they are made to be simple to use. That external simplicity hides a deep complexity underneath. I think people who don't understand that making something complex to be simple to use is one of the hardest things in Computer Science. A good size for desktop computers now is about 8GB of RAM or more. At any given time, 8GB will give you 2^(8*(2^23)) states, which of course will change in a nanosecond. Mac OS tries to, as much as possible, hide the states that don't mean anything to you. It's not that the MacOS guys don't know they exist. They just feel YOU don't need to know they exist. Maybe they're wrong, but it's a conscious decision where they know the states that exist and they feel that showing the states is less helpful than the confusion it would engender.. Not stupidity.

        The main issue (and where you have a point though you exaggerate it way past its validity) is sometimes things are complex, and if you hide that complexity, you actually cause a disservice. Apple hides a lot of its security notices. As Macs become more and more of a target, they really need to not hide the complexity as much so that people can make valid choices on how to prevent malware infections.

        • [...] At any given time, 8GB will give you 2^(8*(2^23)) states, which of course will change in a nanosecond. [...]

          First of all, you mean 8 GiB, not 8 GB.

          8 GB is 8*(10^9) bytes, whereas 8 GiB is 8*(2^30) = 2^33 bytes.

          Secondly, 8 GiB is actually 2^(8*(2^33)) states, not 2^(8*(2^23)) states. (What you gave was the number of states for 8 MiB.)

          • Grrr, you're right. I did 8 * 2^10 * 2^10, when i should have done 8 * 2^10 * 2^10 * 2^10. Off by mega => giga.

            Thanks, my bad math. But if anything, this makes my point stronger rather than weaker.

          • anyone who isn't a little aspy knew what he was saying and doesn't care.
    • Don't worry! (Score:2, Informative)

      by Anonymous Coward

      > There is really no information here. How does it spread?

      You're using a Mac. You don't need to know *how* it works. It just works and is pretty! Cheer up!

    • by Anubis IV ( 1279820 ) on Thursday October 02, 2014 @10:12AM (#48047003)

      The fact that they're referring to it as iWorm, suggesting it's self-propagating, yet not describing the method of propagation, seems incredibly irresponsible to me.

      I read through both articles, and there's no mention of the following either:
      1) Does the app use a registered Developer ID or not? If not, then the malware is only capable of running on Macs of individuals who have changed the default behavior of the system to allow apps from any source (default behavior is to either only allow apps from the Mac App Store or only allow apps from registered developers...can't remember which). If so, then Apple can revoke the Developer ID in a silent update to prevent it from executing on any machine using default settings.

      2) Has Apple issued a malware definition update yet? OS X has had XProtect, a silent, built-in malware removal tool since 2011 or so, that pulls down malware definition updates on a daily basis in the background and both works to prevent malware installations as well as removes them if they are found. By the time malware gets widely reported enough that sites like Slashdot are reporting it, Apple has usually already issued an update to prevent further infections and eliminates the existing ones. Given that those articles are from a few days ago, Apple may have already done so in this case.

      3) What systems does it infect? If it really is a worm that only has 17,000 computers, it may just be a case of exploiting a known bug in versions of the OS that haven't been supported for years. Or it may be that it's a brand new threat exploiting the latest version of the OS. We have no way of knowing, based on the shoddy reporting by the researchers.

      4) Do users still get the default prompt that they're executing an app for the first time, or does it circumvent that somehow?

      Basically, we know nothing about it or how dangerous is actually is, thanks to the researchers withholding everything about it.

      • these are all really great questions and I would like to know the answers. Meanwhile, here's a bit of extra info from TFA: "The reddit.com search returns a web page containing the list of botnet C&C servers and ports published by criminals in comments to the post minecraftserverlists under the account vtnhiaovyd."

        so its clear that the user vtnhiaovyd is a 14yo minecraft fan who probably developed this extensive botnet as a way to farm gold or whatever you do in minecraft.
      • Good questions indeed. Apple has rolled out a "Safari Update" on Sept 29th, but there seems to be more to it, however, apple is very secretive about the security updates. Something I really dislike about them:
        http://support.apple.com/kb/HT... [apple.com]

    • by maestroX ( 1061960 ) on Thursday October 02, 2014 @10:45AM (#48047319)
      Mac?
      Windows 7 is simply Microsoft's best operating system ever. Mac fanboys should worry and circle together in defensive posture.
      [203.0.113.201, 198.51.100.2, 169.254.1.19, 172.16.1.2, 203.2.11.2,]
      • Windows 7 is simply Microsoft's best operating system ever.

        As a user of both Windows and OS X, I would wholeheartedly agree.

        Too bad Microsoft threw it away...

  • What's even more interesting is that it gets the IP address of a valid command and control (C&C) server from a post on popular news site Reddit. The malware is capable of discovering what other software is installed on the machine, opening a port on it, and sending a query to a web server to acquire the addresses of the C&C servers.

    It's a likely bet that it's been configured to find valid C&C IP addresses from other sites, too--Reddit is a high-volume user generated content site, with a lot of existing spam/troll fighting technology in place. So it's pretty likely this avenue will get blocked soon (if Reddit isn't working on it already) and the next large public-site gets rolled over to.

    It's devious and brilliant, to use a public site... More devious if they built it smart enough that Reddit can't block it programatically.

  • by Pope ( 17780 )

    Fucking reddit. *shakes fist*

  • by OzPeter ( 195038 ) on Thursday October 02, 2014 @07:32AM (#48045737)

    But then .. from TFA

    Unfortunately, the researchers didn't mention how the malware spreads, but they shared that it is unpacked into the /Library/Application Support/JavaW directory, poses as the application com.JavaW, and sets itself to autostart.

    So for all I know, this could either be a world shattering event where by zero day exploits are being used on OSX to leverage malware.

    OR it could be like the HK protesters where by you needed to J/B your phone first.

    So I am reserving my panic until I know more.

    • Given that most Macs can't run untrusted software, the mostly likely vector for malware is a trojan. Possibly attached to pirate versions of well known applications. Users of such pirate software would expect to have to explicitly give permission to untrusted software.

      • Comment removed (Score:4, Informative)

        by account_deleted ( 4530225 ) on Thursday October 02, 2014 @08:10AM (#48045953)
        Comment removed based on user account deletion
        • Re: (Score:3, Informative)

          by BasilBrush ( 643681 )

          So...they get infected just like Windows does?

          Just like ANY OS that accepts 3rd party software does.

          Your homophobia is noted.

        • Re: (Score:3, Insightful)

          by gtall ( 79522 )

          What's really weird is that you consider a sexual slur integral to your argument.

        • by jedidiah ( 1196 )

          I think the last batch of infections around here came from programs masquerading as DATA. These programs masquerading as DATA were "installed" by trying to view the DATA as it came to the user in the platform vendors email program.

          This is not quite your Android style Trojan.

          Someone chose to blur the line between data and programs and confuse the end user and to seek to keep them ignorant.

          DATA (untrusted) being treated as a program is also the essence of the Shellshock bug and is boneheadedly intolerable fo

        • by Anonymous Coward

          How can Macs be for homosexuals when it's Windows that is designed to be backdoored . . .

      • by amiga3D ( 567632 ) on Thursday October 02, 2014 @09:40AM (#48046643)

        I run little snitch on my Macs and I'm constantly amazed at how many of my programs want to talk to some site or other. It's annoying because I have to research and see why they want to contact these places and what exactly is going on. I find that if I just block them it's almost never a problem though.

        • Non-App Store programs often check for software updates on a regular basis. Worst are those that autorun a daemon specifically for this: Adobe is one of the worst offenders (and indeed many other software crimes.)

          Have you spotted any other common categories of why they might do so?

          • by amiga3D ( 567632 )

            One program's author told me he had it sending him certain usage info. I never really got what he was talking about so I muzzled the software. It don't have shit to say no more. I cheerfully paid the Little Snitch author. Wonderful and easy to use software it is.

      • I would say most macs can run untrusted software.
        First of all plenty of users are still in 10.6.xx and further more every "power" user changes the settings. As it is super annoying to be asked every time if you want to start this "untrusted application". For some reason there is no: "never ask again for this app" option.

  • by shortscruffydave ( 638529 ) on Thursday October 02, 2014 @07:36AM (#48045753)

    The backdoor applies the MD5 hash function to the value and sends a query to reddit.com. The query template is as follows: https://www.reddit.com/search?... [reddit.com] Here MD5_hash_first8 is the value of the first 8 bytes of the MD5 hash value from the current date. The reddit.com search returns a web page containing the list of botnet C&C servers and ports published by criminals in comments to the post minecraftserverlists under the account vtnhiaovyd.

    So...get Reddit to nix this query and deny the functionality to the botnet?

  • by ruir ( 2709173 ) on Thursday October 02, 2014 @07:44AM (#48045791)
    And to get it you have to be fairly dumb. Fake sites for subtitles that just propagate your google query to "match" the name of the film you are search, and instead of giving you a zip with the subtitle, return a dmg file. But then, you have to click on it, click to install the binary, and give a password....So as I say you have to be pretty stupid to install the malware yourself.
    • And since the average mac user thinks their machine is impervious to viruses...alot of them would see no issue in running it

      • by ruir ( 2709173 ) on Thursday October 02, 2014 @07:54AM (#48045851)
        Viruses and malware are two different beasts altogether.
      • And this differs from the average user of every other consumer or business platform in what way, again? I mean, average Windows or Android users may not "think their machine is impervious to viruses", but they seem to "see no issue in" downloading random "music" or "videos" or "software" from even the skankiest sources.

        It used to be that a combination of perhaps-somewhat-better security design and low platform population kept Mac users relatively safe even in the face of "average" ignorance and complacency.

        • And this differs from the average user of every other consumer or business platform in what way, again? I mean, average Windows or Android users may not "think their machine is impervious to viruses", but they seem to "see no issue in" downloading random "music" or "videos" or "software" from even the skankiest sources.

          As an example, I recently started getting quite a few emails with a .zip attachment, and inside a .doc.scr file, which is (I guess) a windows screen saver. Obviously this doesn't work on my Mac, but if it did work, I'd have to unzip manually, ignore the highly suspicious .doc.scr extension, launch it, and then wilfully ignore two warnings that my Mac gives. Not sure if it gets unzipped automatically on Windows, but I think Windows would show a .doc extension, and at least on older Windows versions this will

          • by cycler ( 31440 )

            To clearify,

            if Windows is set to not show extensions your file would be shown as $filename.doc
            Random user wouldn't notice and think it is a Word document and double-click on it.

            /C

            • by jedidiah ( 1196 )

              ...and the OS should have promptly informed them that they were about to run a program.

              HELL, the OS probably should have informed them that the file was named in a suspicious fashion likely to cause confusion. Something like ".*." should be easy enough to spot and be on the lookout for.

              The file is obviously suspicious. It does not require strong AI in order to see this.

              This little bit of nonsense has been a problem for so long that Microsoft should have adapted to deal with the situation by now.

              It also high

          • This works because Windows hides file extensions by default. (I change this on my boxes.) It also handles Zip files as if they were folders. So you would (if you took all the steps the virus author hopes you'll take) download "Really_Important_Document" (with the .zip hidden), open it up and see "Really_Important_Document.doc" (with a .scr on the end hidden). Seeing this, you'd forget all about this hidden file extension stuff and say ".doc is a Word document, I'll open it!" Of course, it would lauch t

        • by ruir ( 2709173 )
          The "niche market" is a myth and forgetting history. OS/9 had a lot less margin of adoption and market, however as it was a shitty OS, had as much or more viruses than the alternatives. As far as I remember something in the line of 30 000 viruses as much as I recall.
          • by Megane ( 129182 )

            as it was a shitty OS

            It was a pretty damn good OS... for the 1980s. When it was new, PCs were still using MS-DOS 2.x or so.

            • by mlts ( 1038732 ) on Thursday October 02, 2014 @09:09AM (#48046371)

              OS9? When System 7 was out, MS-DOS was at 5.x, and Windows was at 3.1.

              Before OS X, MacOS was getting pretty shaky. It had no preemptive multitasking ability (well, except for A/UX and that was a completely different animal), which meant that any program that didn't use WaitNextEvent() often would hang the box, forcing one to reach for the debug/reset switch or power off button. It did show how relatively robust HFS (not HFS+, HFS) was because it handled dirty restarts quite well.

              In fact, at that era, restarts were a matter of course. If you had to get a project done, restart beforehand, restart afterwards, and maybe a restart every few hours on a prophylactic basis.

              OS X was a major upgrade. It didn't just fix problems with Macs that were issues since the MultiFinder days of System 6, but added real security and user separation which previously could only be put in place by third party software and various hacks (using PBSetCatInfo() to hide folders, etc.)

              • by Anonymous Coward on Thursday October 02, 2014 @11:09AM (#48047507)

                It's good to note for the uninformed, though, that old MacOS is a completely different codebase from a completely different source than OS X. It's not like they went through some internal process and evolved MacOS into OS X and it's some sort of continuation. Steve Jobs left and founded NeXT computer, which sold graphical workstations with a totally new OS (NeXTStep), which was a Unix derivative in terms of design, API, etc based on a core from BSD. Later, when Steve returned to Apple, he brought NeXTStep back with him. They rebranded and rejiggered NeXTStep a bit and then started calling *that* OS X. The old Mac codebase died and was replaced; it did not evolve.

            • by ruir ( 2709173 )
              yeah, and by the early 90s was a piece of garbage. I remember fairly well using from DOS in XT to several Unix variants, later (or not so later) on more potent hardware, including SCO V.
          • by Anonymous Coward

            30k viruses when Symantec listed 65,000 for windows. So MacOS 9 was half as shitty as Windows XP.

            MacOS 9 had the best audio software before windows: Vision, Cubase, Pro Tools, ReBirth all perfected on Mac before porting to Windows.

          • Im not sure about MacOS9, i was off macs by then, but in System 7 days, DOS/Windows3.1/Win95 had tens of thousands of viruses, and Mac OS7 had literally about 7. I doubt it jumped that much in a couple years.

            Windows (up until XP) still had a DOS core. It was SO easy to write a Windows virus, almost trivial. Macs on the other hand had no command shell, so everything needed to be system calls. Also, it was a new processor, Motorola 68K to Intel `86, so machine code was different. Then, byt the time MacOS

            • by ruir ( 2709173 )
              check your data please. It was a Motorola, and very common at that time. It is easy just to invent stuff.
        • by jedidiah ( 1196 )

          There should be no problem downloading DATA from the skankiest sources. The very idea that anyone needs to be paranoid about that sort of thing just demonstrates just how badly things have gotten both with platforms and the level of ignorance we expect out of end users.

          There should be a clear line between data and programs. Operating systems should enforce it and end users should be aware of it.

          • As a web developer, I *NEVER* trust the data. Especially if it's coming from an untrustworthy source. And the most untrustworthy source is the user. ("Enter a number" "1; Delete * from Users") Of course, I build protections in my code to prevent this bad data from causing problems. I can't say the same for every program, though. Some programs will take bad data and turn it into an exploit. Yes, it is the program that is at fault, but you can't be too careful and shouldn't just trust something becau

      • by Vokkyt ( 739289 )

        Eh, most probably couldn't. If it's not a trusted developer, by default they cannot install it (a la apt-get or other package managers). They would have to have the known how and awareness to go in and change it to accept all installers, which I don't think many will.

      • And since the average mac user thinks their machine is impervious to viruses...alot of them would see no issue in running it

        I think you will find the average Mac user is more intelligent than that. The less technical inclined see two rather dire warnings which would stop them. The more technical inclined know the difference between "trojan" and "virus" and don't even need the warnings.

      • by amiga3D ( 567632 )

        That's what he said, you have to be an idiot.

    • If a subtitle comes in a zip by itself instead of a plain text document, you are doing it VERY WRONG. There is no legit reason to zip up a text file like that.
      • by ruir ( 2709173 )
        I see you are not used to download subtitles. While I agree entirely with you in the theory part, however thats how many prominent sites are delivering them nowadays. Maybe because they often put there extra file with credits, and more rarely, multi-language subtitles packs.
        • I have Dl'ed subtitles in zip in the past, but there are other methods i choose to use instead. If the subtitle is zipped, it usually means people are forcing you to use a mechanism to suit their ends. It is plain text, there is very little legitimate reason to zip it unless you are trying to obfuscate or force an action (click a link, look at ads, etc). Multi-langs are easily handled with separate links. I dont support those kinds of models for distributing PLAIN TEXT, its dumb. Nowadays i just use the bui
  • To the hecklers... (Score:5, Interesting)

    by Ronin Developer ( 67677 ) on Thursday October 02, 2014 @08:38AM (#48046153)

    There is a common believe that Macs don't get viruses or could, possible, be susceptible to malware. This week, we have seen several issues that first threaten the *nix community (which, OSX is built upon). The first was the bash bug. The second is a worm that is capable of infecting a Mac system. A few months ago, we had Heartbleed that again, was cross platform.

    Yes...the Bash Bug - affects *nix machines including Macs. That means the Linux user is just as exposed. It does mean, in this particular instance, that Windows users get a break.

    The Mac, link linux, has proven relatively immune to computer viruses. How many people do you know run anti-virus and/or anti-malware software on the linux desktops or servers? Exactly. The Mac is built on top of an *nix core, but is far more usable by the average user. However, when the built in safeguards are disabled, it's possible to install malware. And, it's very possible that the attack vector is an exploit of the bash bug. We don't know the method or attack vector used to infect those machines (in either of the two articles on Dr. Web). Likely, users downloaded and installed an unsigned OSX application which, unlike having to jailbreak your phone, is easy to do. That unsigned app carried and installed the worm. I say" likely", because we just don't know enough yet.

    For those who aren't aware, Apple has a app store for OSX apps in addition to the iOS app store. Like it's counterpart, apps are checked by Apple and are digitally signed. A developer must belong to the Macintosh Developer network to sign their apps and have them sold through the app store. You always have the option to install apps from other sources, but they are unchecked and unsigned. And, you take your chances, just as on other platforms, if you download and install unknown code.

    Apple has taken a beating these past couple of weeks on multiple fronts. The Apple haters are in full force. But, in this case, we don't know how the malware/worm was installed. So, is it fair to bust Apple's chops over it without knowing the root cause?

    • by mlts ( 1038732 )

      More details would be useful. Is this a Java hole, or is it just another Trojan such as when there was a pirated version of iWork out a few years ago (when it was a paid product?) Is it even a hole in Safari or another browser which gets a user's context? This seems unlikely because of the SeatBelt facility which uses sandbox_init() to keep the Web browser contained so a malicious process wouldn't be able to do much even if it got root access via the Web browser's context.

      One reason why Linux and Macs ha

    • Gatekeeper [wikipedia.org] actually has three levels. Most restrictive only allows app store. Default allows App store and signed apps from known developers. To install unsigned apps, you have to disable Gatekeeper, with a warning about possible risk.
      • by dgatwood ( 11270 )

        To install unsigned apps, you have to disable Gatekeeper, with a warning about possible risk.

        No, you don't. Just control-click in Finder, and choose "Open". That, unlike the normal double-click launch, bypasses Gatekeeper's prohibition on untrusted apps, instead presenting a security dialog that tells you that the app is untrusted, and asks you if you want to launch it anyway. If you tell it to do so, OS X computes a checksum for the app and adds hat signature to a list of trusted apps, ensuring that you

    • by sudon't ( 580652 )

      The Apple haters are [out] in full force. So, is it fair to bust Apple's chops over it without knowing the root cause?

      This is a rare opportunity. Jeez, let them enjoy themselves a little.

    • Isn't Java not installed by default since the last few OS X versions anyway? You can get by just fine without Java, Flash and Silverlight these days.

      You don't really need Java for most websites in 2014.
      You don't need Flash since YouTube has HTML5 support.
      You don't need Silverlight if you watch Netflix on your iPhone/iPad/Apple TV/etc.

    • And, it's very possible that the attack vector is an exploit of the bash bug.
      That is very unlikely. If you already have downloaded my malicious code and you are already running my malicious code, why should I need a bug in a shell to do my malicious deeds?

    • by kesuki ( 321456 )

      Macs have never been immune to viruses.

      the reason windows needs AV protection to run safely is because one account can overwrite critical OS files replacing them with malware infested fake software, and everyone by default starts out with ability to install any program including malware that later will get the special administrator privileges (on a reboot) needed to permanently infect the machine.

      heartbleed and shellshock are nasty but a well hardened install will not be a problem, as the users dumb enough

    • Shellshock, the "bash bug" won't affect the majority of Mac users and Linux users. It requires you to be running a CGI server or have SSH access. Two things that, by default, certainly won't happen on a mac and unlikely to be the case on many average user Linux machines especially if their main machine is a laptop. It's more of a concern because it could mean your data on websites like your bank could be in trouble rather than someone getting into your own machine.
  • by FellowConspirator ( 882908 ) on Thursday October 02, 2014 @09:44AM (#48046699)

    A regular user process is not going to be able to create the sub-directory in Application Support or install the launchd file to auto-start the service. For that, you'd need admin privilege, which has to be given explicitly by a member of the admin group. To get there, it has to trick an admin user to explicitly install it (in which case, it's not a worm/virus, it's a trojan), or it has to remotely trick an OS X application that runs as root or has admin privilege to do so -- but there's not much opportunity there as most services don't accept incoming connections, and those that do generally generally run as an unprivileged user. Looking at my Mac, the only service that can be connected to remotely and has sufficient privilege (if enabled) is SSH. Macs don't have that enabled by default.

  • Okay, I was curious about this one. According to the article here [drweb.com], they:
    1. 1. Work out the number of days since January 1st, 1900 (it doesn't say that explicitely, but gives tm->tm_yday + 365 * tm->tm_year). Today, that would be 41883
    2. 2. Work out the md5 hash of that, which would be ffeac4e88ea3d3c65678fcd434a65f83 for today
    3. 3. Truncate it to eight bytes, so ffeac4e8
    4. 4. Search it on Reddit with https://www.reddit.com/search?... [reddit.com]

    That gives no result, neither does the previous day (4cb43551) or even a coup

  • by Anonymous Coward

    To check to see if you are infected, go to the Finder and choose 'Go to Folder' from the 'Go' menu. Copy the following path and paste it into the window that opens: /Library/Application Support/JavaW
    Then, click the 'Go' button. If you just get a beep, and the window displays a message in the bottom left corner that the folder can’t be found, then you should be okay.

    source: http://www.thesafemac.com/dr-web-announces-new-iworm-malware/

    • Or, launch terminal, navigate to the application support folder, and see if the file is there. You know, like a real man.
  • I found out early this morning that i had the malware. Deleted the executable and the startup plist file. I had not updated my os in a few months. So I did that. I am now backing up vital files for a reinstall. Sigh. Right before Yosemite goes final. So installs, installs. Backups, backups. Etc. I had a pirated a copy of photoshop cc 2014 from pirate bay. (yeah i am utterly broke and unemployed, and i had launched it only once to export one file to a specific format). And as far as i can see right now that

"Being against torture ought to be sort of a multipartisan thing." -- Karl Lehenbauer, as amended by Jeff Daiell, a Libertarian

Working...