Rixstep
 About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Home » Industry Watch » The Technological

Association of Fish & Wildlife Agencies

It's a conspiracy.


Get It

Try It

'The Association of Fish and Wildlife Agencies is the collective voice of North America's fish and wildlife agencies at every level of government', says the website.

'The Association provides member agencies and their senior staff with coordination services that range from migratory birds, fish habitat, and invasive species, to conservation education, leadership development, and international relations.'

'The Association represents its state agency members on Capitol Hill and before the Administration on key conservation and management policies, and works to ensure that all fish and wildlife entities work collaboratively on the most important issues. The Association also provides management and technical assistance to both new and current fish and wildlife leaders.'


And as of a few weeks ago the Association are also involved in trying to hack Apple computers.

'Billy_ca' brought the matter to everyone's attention back on 6 August at Ars.

Greetings Mac Arsians!

A trojan just attempted to attack me. Let me explain. I was just doing a Google Search looking for the blog of that health club shooter that's been all over the news, and one of the search results I clicked on immediately downloaded a 'player.dmg' which instantly mounted itself as 'install.pkg' and inside the mounted disk image there was an 'install.pkg' which auto-executed. Installer then opened and tried to begin installation of an app called 'MacCinema'. At that point everything stopped and Installer asked me to Continue with the installation.

Obviously I recognized right away that all this stank to high heaven and quitted everything right away, dismounted the image and put the downloaded file in the trash. I just thought I'd come here and post and warn everyone.

If any of you are computer wizards and want to investigate this, the site that has the malware is (I've deliberately not made a linkable url to protect anyone from accidentally clicking it) :

fishwildlife.org/lurd.php?sodini+blog

You can cut and paste the address into your browser to see the trojan in action for yourself. Just make sure that you quit Installer as soon as it opens. DO NOT CLICK ON 'CONTINUE'.

I've also taken a screen cap of my desktop so you can see what it tried to do.

PS. Also, does anyone know of any free Mac OS X utilities that can scan your machine for any sorts of Malware? I've heard of ClamXav but I was wondering if the Mac Ach community knew of other good ones their recommendations. I'm looking for something free and that absolutely does *not* run in the background. I just want to be able to scan a file or the hard drive at my command when I want it to.

So Billy_ca turned off the default safety measure in Safari so he could get malware directly on his system without needing to offer any assistance. He was smart enough in the second instance to not proceed but wasn't smart enough in the first instance.



Several people in the thread pointed this out to him of course. But what's interesting is the link he found. It's not likely the Association of Fish & Wildlife Agencies are going to be hosting any search results to Billy_ca's query. It's even less likely they're going to host multi-platform attacks. Unless of course they're full blown idiots.

What's even more interesting is that the attack URL isn't there anymore. Now considering the general IT IQ of organisations like this, what are the odds they found the exploit themselves and removed it? Not very good.



We have to further admit to the fact that hackers somehow got the exploit on the servers of the Association of Fish & Wildlife Agencies, were smart enough to remove it soon afterwards, and somehow managed to cover their tracks (as if anyone from the Association of Fish & Wildlife Agencies would be clued in enough to even look for them).

At this point there's only one thing that remains to look into. Namely what type of web server software the Association of Fish & Wildlife Agencies are running. This shouldn't come as a big surprise to anyone.


HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
X-Powered-By: ASP.NET
Date: Thu, 27 Aug 2009 14:26:46 GMT
Content-Type: text/html
Accept-Ranges: bytes
Last-Modified: Tue, 07 Jul 2009 21:03:43 GMT
Content-Length: 18291

Here's the irony: it takes Microsoft web server software to attack Apple computers.

That's another thing the world has to thank Bill Gates for.

About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Copyright © Rixstep. All rights reserved.