Wed Jul 7, 2010, 6:39 AM
Here's some disturbing news... something or somebody has attempted to access my Mac remotely twice in the last two days. Luckily, unlike most Mac users I have security software installed. Yeah for me! The software monitors and blocks all incoming and outgoing network connections unless I approve them. Unfortunately this means something has found backdoor access through one of the connections I've approved, I just don't know which. They've managed to open the security software and tried to create a new approved connection rule. The software is password protected and I think it's stopping them. Both times I've found the software open showing the "unapproved rules" window. Both times it was blank so I can't see where it's trying to connect to.
I'm pretty sure I know who is behind this. I'm almost certain somebody I had the misfortune of knowing had a keystroke monitor installed on my computer a few years ago. It's invisible to the computer admin, so I can't find it on the hard drive. I can't do a clean install to remove because I don't have all of the original disks for half the stuff on the computer. It's pointless to backup the hard drive to reinstall the system since a backup will include the spyware app. I think I've managed contain it using the system monitor and the security software. My guess is they are trying to open a connection so the spyware can upload the stolen info again.
I really need to find a way to find and delete this thing once and for all. If anyone has suggestions, I'm all ears! And Mac users beware, your computers are not as secure as you may think!
***Special message to any gypsy con artists who may be reading this: If I unlock it and trace it back to you or your running group friend who installed it... I won't sleep until your fat hairy ass is in jail where it belongs.
- Mood: Neutral
- Listening to: Nada
- Reading: Your journal!
- Watching: Nada
- Playing: Second Life
- Eating: Nada
- Drinking: Diet Coke
ouch, that nasty
I've used "Little Snitch" for a while, not because of spyware, but because I HATE the idea of being connected to the WWW without control of what goes in or out.