[cjscheiner]

For the first time in 25 years of Mac use I think my computer has been infected with a Mac compatible malware. Here are the particulars. I was accessing my Yahoo email account (not this one!) using a PowerBook G4 Aluminum with OS10.4.11 and Safari 4.1.3. I opened a legitimate looking news link [ from sixnews 15. net (spaces added by me for security) ] that was part of an email from a trusted University based list serve, that maintains high security.

I subsequently found out that the news link had been resent, using my email address, to nearly thirty email addresses. I have no online address books - addresses are kept as a plain text document I copy and paste from, and some of the receivers are addresses not on my list, or even known to me.

The malware apparently auto-launched when I opened the URL. It seems to have randomly taken email addresses that were in my Yahoo "In" folder, used one address in the "To" line and 13 in the Bcc: line. It did this twice in quick succession but not since. I know this because I found the auto-sent messages in my Yahoo "Sent" folder. When I expanded the header I found that it had been originally sent from an ISP in Siberia that has been reported to do "Mail Server and Dictionary Attacks". (see https://www.projecth...ip_93.86.13.216). Several other people from the University list serve have made posts that their Yahoo email accounts have been effected. I checked my computer for the recent Mac Flashback Trojan malware, and that was not present. I do not have an OSX specific virus checker.

At the moment I am not sending anything from my Yahoo account, but I need to know what more I have to do to cure this problem. I can send more details from the expanded header of the responsible email if that would help. What ever it is, it got past the University's security system, the Yahoo security system, and the security system of a PC security savy person I know.
Cliff/C.J. Scheiner