Safari Browser User Settings Cracked

Pre-emptive Update: Turns out my assumptions were all wrong and this entire post is incorrect. Safari on both my laptop and iPhone is fine; hackers found an old WordPress blog on my website that I stopped caring about and updating, and used it to infiltrate the site and related websites.

Deprecated material:

    Moral of the story: be careful which open wireless networks you join.

    I run Safari 4.03 (5531.9) on Mac OS X 10.5.8 with all the latest updates on my laptop.
    I took a lovely trip to Baltimore this weekend (more on that elsewhere) and tried guessing the hotel’s wireless network rather than reading the brochures (which were not clear anyway) or calling the front desk for the correct SSID. I must have signed into a malware-infested wireless service, because the normal user account I normally use on my laptop has its Safari library files for that userid messed up. When I try to visit my own websites, I get what looks like the Google Safe Browsing alert warning me that my own websites are suspected of having malware.

    The page is not real; though it does link to Google’s own page of warnings if you click for more information.
    The payload of this malware does not appear to work properly, or I have not discovered it yet – it is just frustrating.

    I checked my own sites on a different computer in a different browser; you can do this too: (just replace with whatever site you want to check).

    If Google really is listing your website as suspect, you’ll have more work to do. In this case my sites come up clean, which means my Safari is “pwned” – damn. I visited my websites as another user on the infected computer, and Safari for all users other than my own is clean; so it only impacts the user who connected to the LAN. I also visited my websites from several other computers; they all come up clean.

    So now I need to figure out how to purge the malware from within Safari’s user library files on my phone and on my laptop (both got infected).
