Promenom DNS adresa preusmerava saobracaj preko svojih servera gde moze da kupi razne informacije sa racunara.
Potrebno je proveriti sledeca DNS podesavanja posto antivirus jos uvek ne detektuje pomenuti malware.“OSX/MaMi isn’t particularly advanced – but does alter infected systems in rather nasty and persistent ways,” Wardle writes.
“By installing a new root certificate and hijacking the DNS servers, the attackers can perform a variety of nefarious actions such as man-in-the-middle’ing traffic (perhaps to steal credentials, or inject ads)” or to insert cryptocurrency mining scripts into web pages.
Furthermore the malware’s reach is said to extend to things such as generating mouse events, taking screenshots, and more:
- Taking screenshots
- Generating simulated mouse events
- Perhaps persists as a launch item (programArguments, runAtLoad)
- Downloading & uploading files
- Executing commands
Izvor vesti: https://9to5mac.com/2018/01/15/macos...cking-malware/Currently, you can check to make sure you aren’t affected by launching System Preferences, heading into the Network menu, choosing “Advanced” and toggling over to the DNS menu. On that menu, keep an eye out for 82.163.143.135 and 82.163.142.137.
Takodje detaljnije opisano oko pronalazenja DNS adresa na racunaru: https://thehackernews.com/2018/01/ma...acker.html?m=1