Jump to content

Ah, the cynic...


Recommended Posts

I most certainly have a problem on my MacPro (old, "cheese-grader") work station. Somehow – somewhere on one of my internal drives, in one of my HD-bays here – there is some sort of R.A.T.

I keep getting intermittent emails "from myself" telling me I need to ante-up to a group of friends' Bitcoin account OR... they're gonna send all sorts of hideous garbage "to ALL" my Contacts. (Long story, I'll spare you the details.)

Question: After spending 2 days' research on TONS of sites dealing with 'RAT' issues (preventing/removing malware from our computers) – having found Malwarebytes mentioned quite admiringly in some of what I've read, recalling that my most-trusted Mac-guru once advised me to download Malwarebytes quite some time ago when I experienced something quite a bit less-onerous than my circumstances today – I figured I'd work with the 'try b-4 u buy' version in order to at least scan my computer/it's internal Network, to "see" "where" this garbage-ware-RAT is located, possibly be provided some avenue upon which I might start the work of getting rid of my problem.

However, in just seconds (REALLY fast; that's cool!) Malwarebytes gave me a Clean Bill of Health. (What?!) Then where, how are these goof-balls getting *some* "password information" that is correct? (MOST of the information they send me via email – to let me know they're "in" – is TOTALLY wrong. But some of it... These ain't easily found, published, "available" bits of information. I smell a RAT! But where?)

I'm thinking "Might Malwarebytes only be scanning my 'Macintosh HD'? Perhaps the 'RAT' is, instead, nested inside a file on one of my connected, INTERNAL HDD's!"

Does Malwarebytes scan one's entire network? Or does it only look at the "Macintosh HD"? I cannot tell by looking at the report it generated.

Thanks in advance, mm

Malwarebytes Scan 2018-10-08 at 3.53.39 PM.png

supposedly-hacked.png

Link to post
Share on other sites

Stop!

This is a well known and documented attack by cybercriminals discovered in late August that purchased the information on the dark web provided by somebody was able to hack into a Company database containing information you provided then harvested the info you are seeing in that message. They do not have the ability to do what they threaten and are only after your money. There is nothing on your Mac with regard to this threat for Malwarebytes to find. See: Who's Behind the Screencam Extortion Scam.

Here's what you need to do:

  • Visit Have I Been Pwned? and enter each of your e-mail addresses to find out who leaked your data.
  • Change the password for that e-mail, the company that was hacked and any other account where you have used the same password.
  • Delete and forget about that threatening e-mail.
Link to post
Share on other sites

But to answer your question directly, Malwarebytes only scans your boot drive. It's extremely unlikely that any other drive could be involved in a malware attack of any kind, let alone a RAT. The way Malwarebytes for Mac works is that it focuses on locations where malware has been found to date rather than scanning every file on every volume in your environment. That's why it's able to scan as fast as it does without interfering with your computer operation with unnecessarily background scanning every temporary file that will probably disappear before it can even be located and scanned.

Link to post
Share on other sites

  • Staff

As Al stated, that sounds like a typical e-mail extortion scam that's going around right now, and it uses information from past data breaches to make the e-mail sound convincing. Most likely, they have no access to any of your accounts at all, and it's possible to make an e-mail look like it came from a particular sender when it actually did not. It can't hurt to change your e-mail account password just to be safe, though.

Regarding your question about the scan speed, see:

https://support.malwarebytes.com/docs/DOC-1293

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.