“To see whether your Mac was infected by MaMi, go to System Preferences, click on the Network section and check the IP address of your DNS server. If it’s ‘18.104.22.168’ or ‘22.214.171.124,’ then you’ll need to change it to something benign, such as Google’s 126.96.36.199 or 188.8.131.52 or OpenDNS’s 208.67.2222.222 or 184.108.40.206,” Wagenseil reports. “Notice we said ‘was’ infected. The MaMi sample that Wardle found deleted itself after changing the DNS settings on his test machine, so even if you found a smoking-gun DNS setting, the malware that did it may be long gone.”
“To prevent infection by MaMi, use common sense. Every piece of Mac malware found in recent years has required user approval, presumably unwitting, to be installed,” Wagenseil reports. “So don’t authorize that Adobe Flash Player update, that video player you apparently need to see a clip of a naked celebrity, or that antivirus software that showed up in a pop-up window telling you your Mac was infected.”
Read more in the full article here.
MacDailyNews Take: Check your DNS settings ASAP!
Note: Apple Airport users on Wi-Fi can use their Mac’s AirPort Utility to see their routers’ DNS server addresses by clicking/tapping “Internet.”