Leopard Lion Mavericks Monterey Snow Leopard Software

Support-LogMeInRescue.app is a Trojan Horse application

Post Reply
macosx / yosemite     Views: 1858Prev .. Next
Support-LogMeInRescue.app is a Trojan Horse applicationPosted: Monday, November 17, 2014 [12:57:37] - 1
rootPosted by:rootMember Since:
June 16 2010
Posts: 357
Here is my experience with Support-LogMeInRescue.app
If you ever came across the webpage where you can not get rid of pop-up with a phone number to call for support. Phone number is toll free in US 1-800-680-4131
I decided to go ahead and go through the whole thing.
First I was placed on-hold for 5 minutes and then a nice person told me to "Force quit" Safari.
Then he suggested to start Safari holding Shift key (open fresh copy without all windows from the last session).
Then we went on
to download a copy of Support-LogMeInRescue.app software with special six digit code.
I downloaded it and when started, software immediately asks for your permission to share screen and allow use of administrative privileges.

What I failed to mention is I run a copy of Debookee at the same time to record all outgoing and incoming connections. I know, I should've run the WireShark, I know.

Almost immediately after clicking "OK"I shut-down my Wi-Fi connection from the laptop.

- Support-LogMeInRescue.app will not quit other than Force Quit or killall in Terminal
- It moves itself to /private/var/tmp folder, effectively removing itself from Download folder
- it creates auto launch record at login and load (effectively after reboot or login)

in my case it created a launch record: "/var/tmp/LogMeIn Rescue - 0FE5/Support-LogMeInRescue.app/Contents/MacOS/Support-LogMeInRescue" -reboot

I strongly suspect once launched - it will have too many rights to grab passwords, logins and many other privileges I would not give away without knowledge.There's no place like ~
macosx / yosemitePrev .. Next
Post Reply
Home - Macosx: Leopard Lion Mavericks Monterey Snow Leopard Software
Our Telegram Group