Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Regarding the 'opener' malware script' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Regarding the 'opener' malware script
Authored by: Gordon Werner on Nov 02, '04 12:17:07AM

so how exactly is this thing installed? Is this a case of someone downloading stolen software or MP3s that really install this little application?

or what?



[ Reply to This | # ]
Regarding the 'opener' malware script
Authored by: virus1984 on Nov 02, '04 05:35:51AM

You have to install it yourself, manually. Installation requires admin priviledges...so it shouldn't be easy to get fooled into installing it.

---
Don't forget to think different.



[ Reply to This | # ]
Regarding the 'opener' malware script
Authored by: themacnut on Nov 02, '04 05:50:36AM

Opener can be disguised as a trojan in the form of an MP3 or stolen software-it can also be hidden in stolen software as an extra piece of code. You download it, run it and it does it's thing.

Also, someone else can physically sit in front of your Mac and download the script from a web or ftp site. Hence all the posts above about physically securing your machine when you're away from it.

Also since it's just a script and doesn't require an installer, someone sitting at your machine may not even need an admin password to run it-a shell script (which is what Opener is, IIRC)is just a text file until it's made executable.



---
The MacNut



[ Reply to This | # ]
Regarding the 'opener' malware script
Authored by: jimhoyt on Nov 02, '04 02:13:33PM
Malware such as "opener" can be placed into your StartupItems folder by any installer (even those you might find on such sites as VersionTracker) that requires an admin password. The new startup item will not necessarily be executed until you restart your Mac. All startup items are then executed with root rights.

Be very careful of everything that you install and backup regularly.

[ Reply to This | # ]
Regarding the 'opener' malware script
Authored by: Gordon Werner on Nov 04, '04 03:15:29PM

I guess this is my question ...

since you'd have to be pretty unwise to deliberately install this on your mac ... I was wondering how it is disguised so that I, and others, can avoid running into it ... i.e. if there is a specific MP3 file that does it ... or some other specific application.



[ Reply to This | # ]