About
I am Methusela “Meths” Cebrian Ferrer a threat researcher based in Melbourne, Australia.
My day job comes first but I keep my personal interest here. I regularly update this with anything I find interesting specifically security threats targeting Macs and/or Apple users covering from malicious code, phishing, vulnerabilities, spam and web frauds.
I am open to any comment and suggestion please feel free to send me an email at ithreats (at) mac-exchange (dot) org
View Methusela Cebrian Ferrer’s profileLeave a Reply
Threat Researcher
Recent Comments
 | Scott on How to Remove Starfield |
 | Ratan on Summary of ASF File Speci… |
| loewenherz.cc… on Summary of ASF File Speci… | |
 | N. Cheatham on Analysis of OSX Starfield |
 | Rudolf Jockers on Just a note… |
You might want to add Intego’s Mac Security Blog to your AV Blogroll: http://blog.intego.com
Best,
Peter
Yes, no worries… I just added it.
Thank’s a lot you help me to delete a Trojan call MacAccess.A great great thank you and i hope you have not suffered from forrestfires.
Friendly
Dr.Jean Labbé
Hi Dr. Jean, Thanks for dropping by. I’m living around Melbourne CBD (central business district) which is 50-60Km away from the bushfire. We have been experiencing thick smoke and ashes for days now and it’s indeed horrible story for those affected.
can’t post on the “how to remove “macaccess” trojan” post. when I press submit comment, the page it takes me to just says “discard” in the upper left hand corner of the screen. I’ve posted my situation below, if you could help i’d be very grateful
downloaded it at:
http://booksinprint.osa.pl/db3/edition-with-guide-john1.html
Downloaded it when looking for an ebook. Knew something was wrong when nothing showed up in the applications folder. Did some quick research and came across a story on macworld about deleting trojans. I ran the sudo crontab -l command in terminal and got the following response:
Library/Internet Plug-Ins/plugins.settings”>/dev/null 2>&1
I then ran sudo crontab -r and since then have been getting the response “crontab: no crontab for root” when I run sudo crontab -l.
I turned my computer off for the night and the next time I logged in, I could not connect to the internet. I used my wife’s computer to look for more information and came across this site. After reading this article, I deleted the mozilla and adobe plugins (could not find the i386 or cron files) and downloaded a trial of virusbarrier and moved it over to my computer. Afte r scanning my computer, virusbarrier found the packages in the receipts folder. I deleted the entire “install.pkg” in the receipts folder. I have checked my settings in system preferences and terminal (using scutil and then the command “show State:/Network/Global/DNS”) and never found any foreign DNS servers. Despite all this, I am unable to connect to the internet. I can see my network in Airport, but when I run diagnostics, it says the problem is in Network Settings. The settings are exactly the same as my wife’s computer, save for the fact that in the Advanced menu under the TCP/IP tab, my computer does not specify the router. Could this be the problem, or is the malware still affecting me somehow? I have since run virusbarrier and it is not detecting any problems. let me know if I need to clarify anything.
Methusela,
Just visited your blog. Excellent work….
Joel
Methusela,
I visited your web site,,I really appreciated your work…
Realy good work, nice blog.
hi “Meths” this is “BB” i gone thru ur LNK File Format right nw im analysing the Exploit named as Trojan LNK/CplLnk.A(Norman).After the Structure of Unknowm,always Zero Contents the structure varies and offset changed.Kindly go thru the variant and let me knw.
“Ur Blog luks gud”
Nice to see more attention to the subject. Recently did a Tech Series for Apple in The Netherlands on Apple Security. Really think security for Mac and iOS devices will be important in 2011. If you’re interested you can follow my Apple Security twitter feed http://twitter.com/MASS_security
Hi,
What are you doing for ur living? Security researcher?
I was looking for some interesting things for our Apple/Mac area and find your Blog…
Nice work Meths.
Best Regards,
Samker
Security [CENTRAL] Forum
http://www.SCforum.info/
hi, this may not be related to mac, i want to congratulate you for a great website and your hobby of providing security solutions to mac users and people in need.
http://www.securelist.com/en/blog/6141/Apple_s_silent_updates