Notice: None of the reviews on this website are paid reviews. There are times that editors do receive products free for the purpose of reviewing them, but that does not influences the reviews.


I’ve been reading a few stories on the web this morning about the first Mac OSX virus possibly being found in the Mac Rumors forum. I had to laugh, it’s not a virus, but a poor excuse of a trojan at best. My friend, Paul Figgiani sent me an email with this quote from Ambrosia Software’s Andrew Welch: “You cannot be infected by this unless you do all of the following:

1) Are somehow sent (via email, iChat, etc.) or download the “latestpics.tgz” file
2) Double-click on the file to decompress it
3) Double-click on the resulting file to “open” it
4) and then for most users, you must also enter your Admin password.

It does not exploit any security holes; rather it uses “social engineering” to get the user to launch it on their system. It requires the admin password if you’re not running as an admin user. It doesn’t actually do anything other than attempt to propagate itself via iChat. It has a bug in the code that prevents it from working as intended, which has the side-effect of preventing infected applications from launching. It’s not particularly sophisticated.”

The day that a actual virus is created for the OSX will eventually come, but today is not that day. There are still no active viruses on the Mac platform.

Technorati Tags:
, , ,

4 Responses to “The First Mac OSX Virus? Not Quite.”

  1. JD on EP says:

    Mac exploit

    Mac exploit: Seems hard to get infected… surfbits reports that you need to decompress and activate an email attachment while Admin privileges are open… but MacRumors reports that it’s nasty if activated: it uses system-level search to find and inf…

  2. Jeffsters says:

    Nothing here a good AppleScript app can’t do. This is silly!

  3. James Bailey says:

    “and then for most users, you must also enter your Admin password.”

    I’ve read this all over the Mac web and I still don’t understand where Andrew came up with the idea that most users are running non-admin accounts. That certainly is not my experience. Everyone that I know who uses OS X runs an admin account except for machines that I’ve set up.

    Most users will not have to type in a password for this trojan. I would guess that the number of users running day-to-day as non-admin is in the 10%-20% range or even less.

  4. Try here for better security agains malware attempts:

    http://www.macgeekery.com/tips.....x_security