HOAX / Trojan Warning

Discussion in 'Malware Removal Assistance For Mac' started by Dawei, Nov 2, 2017.

  1. Dawei

    Dawei New Member

    Nov 2, 2017
    Athens, Ga
    mac OS X
    #1 Dawei, Nov 2, 2017
    Last edited by a moderator: Nov 2, 2017
    Device model:
    MacBook, macOS High Sierra
    Operating System and Version:
    Super User:
    Infection date and initial symptoms:
    November 2, 2017; pop-up received regarding backdoor trojan virus
    Current issues and symptoms:
    Steps taken in order to remove the infection:
    Clicked on a website that I scanned with VirusTotal and came up as innocuous; however, when I followed the link it directed to a website that stated I had been infected with a backdoor trojan virus, and warned not to close out the browser before calling a network administrator.

    I am pretty sure this is a hoax, but wanted to vet it with this community.

    I am attaching a screenshot of the pop-up I received and asking for any advice from those who are familiar with this type of malware. Thanks!

    Screen Shot 2017-11-02 at 3.00.43 PM.png
    julius.luck likes this.
  2. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    Windows 10
    You can rest and put your mind at ease, it was just a hoax. This is common behavior from scammers, who will attempt to trick the user into believing that they are required to make a call to the number (which is not always free to call); usually the scammer will social engineer you into agreeing to allow them to gain remote access to your system which would allow them to display fake error messages and scan results. The end result is trying to get you to pay for fake protection or the alike.

    The domain was registered at the end of the most recent month (26th October, 2017) and appears to have been last updated a few days shortly after the registration. The webpage will now redirect to the official Google page (do not attempt to view it again because it may be updated any-time to redirect elsewhere - you cannot trust the authors of such websites).

    If you happen to run into webpages which appear like this in the future, the likelihood is that they are not being truthful and that there is malicious intent behind it. In some scenarios, malicious software is pushed to the user whilst they are in belief that they will be "safe" again after installation - thankfully rogue security products have died down a lot lately.
    lowdetection likes this.
  3. lowdetection

    lowdetection Level 5

    Jul 1, 2017
    These videos explain perfectly the modus operandi of these scammers: Malcolm Merlyn

    The author of the channel, try to fight them in a creative way.

    Sometime they do bad things on your PC, if you let them remote control it.
    Opcode likes this.
  4. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    Windows 10
    @lowdetection My favourite of them all has to be the CEO of Malwarebytes who did a few scammer exposure videos himself a few years ago, I am sure you'll be able to find them on YouTube still to this day.
    lowdetection likes this.
Similar Threads Forum Date
Latest Facebook scam reuses old privacy hoax issue News Archive Sep 29, 2015
Privacy notice post spreading on Facebook a hoax News Archive Jan 7, 2015
Beware of Ebola-themed phishing, malware campaigns and hoaxes News Archive Oct 18, 2014