


Good thing I always disable in Safari (General tab). Ooh, think I found a security hole in Spotlight / Quickview ?! Got me an 0day? A mere Quickview shouldn't cause Safari to download a file. If you're not signed in, you'll be prompted to enter your Apple ID and password. If you're signed into your Mac with your Apple ID, your Apple ID will be the email address under your name in the left pane of the window. la TLD) it served up the malware via an ad. It's an icon containing a blue cloud on the left side of the window. Open ~/Library/Caches/Metadata/Safari/History/

AHA! SOLVED! User was on that famous pirate ship torrent website (currently in the. Where from: name=Setup.exe&clickid=22484897226853631&appid=778,

But ~/Library/Safari/ist doesn't contain the strings zdurnalab, downloads-free-video, or Downloader! Here's what I figured out so far: Finder Info shows (under More info): cd41691ccb2181c1846/analysis/ is the download, which is infected with the Bundlore malware. Trying to get one of these tips to work.

Found a malicious download on a Mac and trying to track down how it got there.
