Sophos Antivirus claims port 'zlib' ships a Virus/Spyware called "iPh/WireLurk-G"...
billc_lists at greenbuilder.com
Fri Sep 4 15:27:56 PDT 2015
Saw the same a few minutes ago myself.
On Fri, Sep 4, 2015 at 5:18 PM, Marko Käning <mk-macports at posteo.net> wrote:
> Hi folks,
> today I got a warning from my "Sophos Antivirus" w.r.t. MacPorts!!!
> It claimed that zlib’s dylib file
> carried a virus called
> and I wonder now whether this was
> - actually true or
> - a false positive or
> - whether Sophos is trying to trade snake oil to me…
> It was very weird, that at some stage the dylib file - despite being
> readable -
> $ ls -l /opt/local/lib/libz.1.2.8.dylib
> -rwxr-xr-x 1 root admin 76404 Nov 15 2013 /opt/local/lib/libz.1.2.8.dylib
> could _not_ be read by any user.
> Later it was readable again...
> Was I tricked by some OSX internals (triggered by Sophos’
> quarantine workflow)
> or indeed by a virus?
> Is there a way to verify whether the files installed by port “zlib” are
> actually those
> currently to be found in MacPorts’ own archives? Are there verifiable
> hashes for files
> installed by a port somewhere?
> macports-users mailing list
> macports-users at lists.macosforge.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the macports-users