|
First Worm for Mac OS X Discovered |
|
|
|
Written by Kacey Green
|
|
Friday, 17 February 2006 |
 Security Bytes Reports : 2/15
Security experts say Leap-A isn't a particularly threatening worm. But it's significant in one way: It's the first piece of malware to target Apple Computer Inc.'s Mac OS X operating system, which many users consider a more secure alternative to Microsoft Windows.
"Some owners of Mac computers have held the belief that Mac OS X is incapable of harboring computer viruses, but Leap-A will leave them shell-shocked, as it shows that the malware threat on Mac OS X is real," Graham Cluley, senior technology consultant for UK-based AV firm Sophos, said in a statement. "Mac users shouldn't think it's okay to lie back and not worry about viruses."
Leap-A, also known as Oompa-A, spreads through the iChat instant messaging system, Sophos said. It forwards itself as a file called latestpics.tgz to contacts on the infected users' buddy list.
"When the latestpics.tgz file is opened on a computer it disguises itself with a .jpg graphic icon in an attempt to fool people into thinking it is harmless," Sophos said in its online analysis. "The worm uses the text 'oompa' as an infection marker in the resource forks of infected programs to prevent it from re-infecting the same files."
While the appearance of a Mac OS X worm is unfortunate, Cupertino, Calif.-based AV firm Symantec Corp. gave reasons why this particular worm is fairly easy to neutralize.
"This first Macintosh OS X threat is an example of the continuing spread of malicious code onto other platform," Vincent Weafer, senior director of Symantec Security Response, said in a statement. "However, this worm will not automatically infect, but will ask users to accept the file, giving potential victims a heads up and the opportunity to avoid infection. The important piece of advice for any iChat users running OSX 10.4 is not to accept file transfers, even if they come from someone on a buddy list."
I've always said that security through obscurity is never a good policy. While this virus isn't very harmful it will spawn many copycats, and one-upmanship. With Apple's recent switch to the Intel platform we may see Macs infected with OS (Operating System) independent x86 viruses. The new platform brings another virus threat, people who write viruses for Windows already know how to write for the x86 platform, they just have to learn the how to exploit OS X. Always use proper virus protection and keep it up-to-date. Also remember to patch your OS as recommended by your manufacturer or your distributor.
Trackback(0)
 |
|
Last Updated ( Sunday, 26 August 2007 )
|
Content Categories 
TrackBack URI for this entry
Subscribe to this comment's feed
Show/Hide comment form
