Virus: 'OSX/Inqtana-B' detected in /Library/Printers/EPSON/SP830Series.plugin/Contents/MacOS/SP830Series
Virus: 'OSX/Inqtana-B' detected in /Library/Printers/EPSON/C43Series.plugin/Contents/PDEs/PrintSetting.plugin/Contents/MacOS/PrintSetting
Virus: 'OSX/Inqtana-B' detected in /Library/Printers/EPSON/C44Series.plugin/Contents/PDEs/PrintSetting.plugin/Contents/MacOS/PrintSetting
Virus: 'OSX/Inqtana-B' detected in /Library/Printers/EPSON/PM860PT.plugin/Contents/Utility/UTPM860PT.plugin/Contents/MacOS/UTPM860PT
Virus: 'OSX/Inqtana-B' detected in /Applications/Microsoft Office 2004/Office/ShMem.bundle/Contents/MacOS/ShMem
Virus: 'OSX/Inqtana-B' detected in /System/Library/Extensions/AppleVADriver.bundle/Contents/Resources/mp2decvbin1
Virus: 'OSX/Inqtana-B' detected in /Applications/4D Client.app/Contents/4D Extensions/4D Carbon Support.bundle/Contents/MacOS/4D Carbon Support
-----------------------------------------
It would appear that Sophos may have a pretty big false positive issue on their hands... or at least I hope it is a false positive... more information to come.
The Sophos website seems to be running very slow (DoS'd), perhaps caused by this new detection issue.
Inqtana uses a Bluetooth vulnerability that was patched in mid-2005, therefore most people saw the trojan as "low-risk". If my feelings are correct, the outcome of this false positive will be 100 times worse than the trojan itself.
UPDATE - 11:37AM Central
Sophos has pulled the IDE and confirmed it was a false positive. Expect a new IDE within 45 mins.