View Full Version : Mac virus found


Boyd Ostroff
February 16th, 2006, 09:28 PM
Hey, it's about time we started catching up with Windows and got a virus all our own! As it turns out, this one isn't too scary...

http://yahoo.reuters.com/stocks/QuoteCompanyNewsArticle.aspx?storyID=urn:newsml:reuters.com:20060217:MTFH73192_2006-02-17_01-25-02_N16227596&symbol=AAPL.O

"This first Macintosh OS X threat is an example of the continuing spread of malicious code on to other platforms," said Vincent Weafer, senior director at Symantec Security Response, in a statement.

The worm will not automatically infect Mac computers, but will ask users to accept the file, Weafer said.

Nate Schmidt
February 16th, 2006, 10:25 PM
That's a burn.

Mike Phan
February 17th, 2006, 01:38 AM
Just to comment that, Yahoo did not fully research the issue. This virus is a very low threat and has only seen them on the first revs of the Intel-based Macs. I'm not really a fan of Intel and hope to get my hands on the quad before they stop selling that and switch fully to intel. That's my 2 cents.

Brett Whited
February 17th, 2006, 08:03 AM
Just to comment that, Yahoo did not fully research the issue. This virus is a very low threat and has only seen them on the first revs of the Intel-based Macs. I'm not really a fan of Intel and hope to get my hands on the quad before they stop selling that and switch fully to intel. That's my 2 cents.

It's not the chip that brings the viruses, its the OS.

Vic Owen
February 17th, 2006, 10:55 AM
Yep, you can just visualize the Windoze users cheering! It is, as mentioned, pretty innocuous. There is also an article over at Macfixit:

http://www.macfixit.com/

All things considered, we have a l-o-n-g way to go to catch up. (BTW, who would use their editing suite to do IM?)

Cole McDonald
February 17th, 2006, 11:17 AM
it's not the chip or the OS, it's the virus writers and, in this case, the users who click on it several times and enter an administrative password to get it to install.

it's a trojan horse that uses people's gullibility to distribute itself. This is not yet a virus...still waiting.

I can write an applescript that will do this same thing in about 5 minutes, and that's been available on the mac platform for years!

Brett Whited
February 17th, 2006, 11:46 AM
I agree with you Cole, but in the point he made, it was pointing to the hardware of the computer. I was simply saying that it is the operating system (software) that is the thing that viruses go for. They are just programs that take advantage of exploits in the code of the software. Macs don't "have" viruses because no one is going to look really hard for exploits, or write a malicious virus for an OS that only a very small percentage of people use. It's not worth their time. However, Macs are becoming more popular, so this is an issue on the rise... Sorry for being so nerdy, but hey, I'm an IT guy, so I have to be.... it's my job. :)

Mike Phan
February 17th, 2006, 11:49 AM
I agree its a SW issue but the OS X for coding a bit different to be on the new Intel chip, that's where the vulnernability is. So either way, i'm not sure how this whole Intel move is going to be. But whatever it is i'm not goin to hold my breath.

Keith Loh
February 17th, 2006, 01:01 PM
All things considered, we have a l-o-n-g way to go to catch up. (BTW, who would use their editing suite to do IM?)
Uh... people who can only afford ONE computer or only have space for ONE computer. Vic, not everyone has hooped up editing 'suite'.

The same thing goes with the administrator risk. If you only have one computer then the user of that computer is probably going to be the administrator on it! Yes, I know that it is SOP not to be logged in as administrator but, out of the box, isn't being the administrator default? I would warrant there are many users who not bother to change from being administrator.

Keith Loh
February 17th, 2006, 01:08 PM
I agree its a SW issue but the OS X for coding a bit different to be on the new Intel chip, that's where the vulnernability is.
Mike, I don't know how you can say "that's where the vulnernability is" when you have no idea how the coding would be "a bit different to be on the new Intel chip". This exploit is clearly on a higher level than OS / chip. It is not very sophisticated, relying on software (iChat) that runs on a higher level.

---

oh BTW, I've been informed that default root level access is not set on OSX, so I was wrong there. Anyway, hands up Mac Users. How many of you are right now using admin accounts? :)

Keith Loh
February 17th, 2006, 01:22 PM
This is the most detailed post I've found on it from the good guys at Ambrosia Software. (Back when I was a Mac user I must have played "Maelstrom" a million times).

Anyway this post is the first one I've seen that says that it appears like a simple jpeg, which encourages the user to open it in order to see what it is. Instead, it dearchives the trojan.

http://www.ambrosiasw.com/forums/index.php?showtopic=102379