| Author |
Topic: First Mac Virus |
Joey Ace
From:
Hamilton, Ontario, Canada
|
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 17 Feb 2006 8:50 am |
|
Subject: Incorrect reports of 'Mac OS X virus' begin to circulate
"For the first time Mac users around the world are the target of a
malicious code, security experts warn," Veronique De Freitas reports
for WebUser.com. "The virus, named OSX/Leap-A, spreads via the instant
messaging iChat program as a file called latestpics.tgz and attempts
to spread to contacts on an infected user's buddy list. According to
Sophos, when the latestpics.tgz file is opened it disguises itself
with a JPEG graphic icon to fool people into thinking it is harmless."
"According to Sophos, the recent increase in popularity of Mac
computers might be the reason for this attack. Until now, most virus
writers were targeting Windows users, but the Mac virus maybe an
attempt by someone to prove it could be done, the security company
warned," De Freitas reports. "Graham Cluley, senior technology
consultant for Sophos, said: 'Some owners of Mac computers have held
the belief that Mac OS X is incapable of harbouring computer viruses,
but Leap-A will leave them shell-shocked, as it shows that the malware
threat on Mac OS X is real. Apple Mac users need to be just as careful
running unknown or unsolicited code on their computers as their
friends and colleagues running Windows.'
"Security experts advice Mac users to ensure they run up-to-date
anti-virus software, but admit there are fewer anti-virus products for
Macintosh than Windows," De Freitas reports.
It's not the first time Mac users have been the target of a malicious
code. This example is not a virus. Leap-A will leave not leave anyone
"shell-shocked." There are fewer anti-virus products for Macintosh
than Windows because there are no Mac OS X viruses. Sophos themselves
do not classify Leap-A as a "virus."
http://www.sophos.com/virusinfo/analyses/osxleapa.html
Otherwise the article is correct. Of course, Apple Mac OS X users need
to be careful running unknown or unsolicited code on their computers.
This is what it's come to: making up a Mac OS X "virus" where none
exists. Another offender (so far) is The Inquirer:
http://www.theinquirer.net/?article=29753
------------------
Bob "Wiz" Feinberg
Moderator of the SGF Computers Forum
Visit my Wiztunes Steel Guitar website at: http://www.wiztunes.com/
or my computer troubleshooting website: Wizcrafts Computer Services,
or my Webmaster Services webpage |
|
|
|
b0b
From:
Cloverdale, CA, USA
|
Posted 17 Feb 2006 12:44 pm
|
|
I smell a new market for Norton.
Do you ever wonder who writes these things? |
|
|
|
Jeff Agnew
From:
Dallas, TX
|
Posted 18 Feb 2006 1:48 pm
|
|
Norton already makes a Mac A/V program, which has been out at least as far back as System 7, probably 6 as well (my memory fails me these days). Back in the early days I used to have a copy. I can't imagine why anyone would buy a copy now.
Regarding the malware described above, as with all Mac programs it also requires the user to enter an administrative password before it can be installed. Even if you're running an admin-level account. This is standard UNIX behavior. So the odds of accidentally installing it are slim and require multiple missteps.
Vista reportedly will offer this behavior, which is long overdue IMO. |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
|
|
|
b0b
From:
Cloverdale, CA, USA
|
Posted 21 Feb 2006 2:20 pm
|
|
| Quote: |
| Once installed it may delete files in a particular directory, only if the logged in user is running as Root (not likely). |
You really have to know how to stand on your head to be logged in as root on a Mac. Anyone with that level of expertise should know better than to "accidentally" install the Trojan. |
|
|
|
