First Mac OS X Worm a Wake-Up Call

via Wired, The Cult of Mac Blog:

Thursday, 16 February 2006
First Mac OS X Worm a Wake-Up Call
Topic: Apple
The first Mac OS X malware has been spotted in the wild, but it appears to be something of a damp squib.

Called Leap-A by anti-virus companies, the worm appears as a JPEG file that spreads via iChat to contacts on the infected user’s buddy list.

I’m not too worried about this one, but wonder how long it’ll be until I do need to worry.

According to a Symantec press release:

The worm makes use of the Spotlight search program, included in OSX, and will run each time the machine boots. It identifies any applications being started, and if iChat begins to run, the worm uses iChat to send the infected file – latestpics.tgz – to all contacts on the infected user’s buddy list. Those on the buddy list will then be asked to accept the file. If they do, the file will subsequently be saved to their hard drive. Files infected by OSX.Leap.A may be corrupted and may not run correctly.


Comments

  1. This really sucks. I don’t use iChat, I use AIM, but I’m not pleased at all about someone getting a worm into the Mac system.
    I have no doubt Mac will find a way to deal with it…..

  2. Read the Symantec analysis. The worm is not self-propogating; it requires your help (unlike code red, or the sql slammer worms).

    It arrives as a “tgz” file… that’s a gzipped archive. You are required to unzip it, and then execute it (by double-clicking, or via the command line)… so you have two chances to come to your senses before you install this puppy and allow it to spread.

    Good security-awareness habits should prevent this from becoming a problem.

  3. Gruntdoc, maybe I have not been reading your site as closely as I should. I didn’t realize you were a Mac guy.

    I bought my first Mac 2 years ago and never looked back. Pity the computer at work is a Windows system. Every time I use it I remember all over again why I switched.

    As to the worm, not to worry. OS X, as a Unix based system, is far less vulnerable to viruses than Windows systems. I doubt viruses will be a serious problem in the Mac world anytime soon.

  4. You’re not alone. I’ve been oh-so-blissfully aware that we Mac users have had it way too good for way too long; I fear becoming too complacent, because it’s inevitable (or nearly so) that someday, someone will write a worm/virus/what-have-you for the Mac, and I’ll get it (or rather, my Mac will).

    I also wonder about the new dual-core computers – there’s already been a lot of nonofficial talk about, say, making XP work on the new Macs. So if that happened, and folks caught these Windows virii on their Macs… I guess CW would say, well, they’ll stay on the PC side of the Mac. But I wonder. It could create opportunities for folks to make cross-platform nasties; for the challenge of it.

    But yes, we Mac folk need to not rest too easy. We can (and I do!)) lord it over our PC-loving buddies that we never have viruses or adware or spyware, but our day will come, and we need to be prepared for it.