Notice: None of the reviews on this website are paid reviews. There are times that editors do receive products free for the purpose of reviewing them, but that does not influences the reviews.

All articles and posts are written by Tim Verpoorten (Surfbits) unless otherwise noted in the beginning of the article itself.

February 16, 2006

The First Mac OSX Virus? Not Quite.

@ 9:43 am.


I’ve been reading a few stories on the web this morning about the first Mac OSX virus possibly being found in the Mac Rumors forum. I had to laugh, it’s not a virus, but a poor excuse of a trojan at best. My friend, Paul Figgiani sent me an email with this quote from Ambrosia Software’s Andrew Welch: “You cannot be infected by this unless you do all of the following:

1) Are somehow sent (via email, iChat, etc.) or download the “latestpics.tgz” file
2) Double-click on the file to decompress it
3) Double-click on the resulting file to “open” it
4) and then for most users, you must also enter your Admin password.

It does not exploit any security holes; rather it uses “social engineering” to get the user to launch it on their system. It requires the admin password if you’re not running as an admin user. It doesn’t actually do anything other than attempt to propagate itself via iChat. It has a bug in the code that prevents it from working as intended, which has the side-effect of preventing infected applications from launching. It’s not particularly sophisticated.”

The day that a actual virus is created for the OSX will eventually come, but today is not that day. There are still no active viruses on the Mac platform.

Technorati Tags:
, , ,

4 Responses to “The First Mac OSX Virus? Not Quite.”

  1. JD on EP Says:
    February 16th, 2006 at 12:19 pm

    Mac exploit

    Mac exploit: Seems hard to get infected… surfbits reports that you need to decompress and activate an email attachment while Admin privileges are open… but MacRumors reports that it’s nasty if activated: it uses system-level search to find and inf…

  2. Jeffsters Says:
    February 16th, 2006 at 4:01 pm

    Nothing here a good AppleScript app can’t do. This is silly!

  3. James Bailey Says:
    February 16th, 2006 at 4:43 pm

    “and then for most users, you must also enter your Admin password.”

    I’ve read this all over the Mac web and I still don’t understand where Andrew came up with the idea that most users are running non-admin accounts. That certainly is not my experience. Everyone that I know who uses OS X runs an admin account except for machines that I’ve set up.

    Most users will not have to type in a password for this trojan. I would guess that the number of users running day-to-day as non-admin is in the 10%-20% range or even less.

  4. Robert Pritchett Says:
    February 17th, 2006 at 5:53 am

    Try here for better security agains malware attempts:

    http://www.macgeekery.com/tips/security/basic_mac_os_x_security

[powered by WordPress.]

New!
Save Money, Buy your Apple and Mac gear from the new

Mac Surf-Shop

categories:

search surfbits

archives:

February 2010
S M T W T F S
« Jan    
 123456
78910111213
14151617181920
21222324252627
28  

site info:

We now have a phone number to leave voicemail and faxes for Surf-Bits: 901-234-8057. Skype me using "surfbits", email is surfbits at gmail dot com

internal links:

The Producers of Surf-Bits.com,
are proud to bring you the
Mac ReviewCast Podcast.

Surfbits RSS Feed

Ads:Please Visit

Great Deals!

please visit

MacNerdNews
Podfeet.com
MacSparky
AlmerimarLife Webcam
Wingnut's Graphics
Chris Marshall's MyAppleStuff
The macCompanion
The MacReviewCast
SnowLeopardTips

22 queries. 3.719 seconds