toggle

AAPL Stock: 102.13 ( + 1.24 )

Printed from http://www.macnn.com

Vendors respond to new Mac OS X worm

updated 05:45 pm EST, Thu February 16, 2006

Vendors respond to threat

Three major anti-virus vendors today responded to the newly circulating Mac OS X worm. Symantec today said that it has provided users of its security/virus products with protection (new definitions) against the new worm, which targets Mac OS X 10.4. The company currently categorizes the OSX.Leap.A virus as a Level 1 threat (on a scale of 1 to 5, with 5 being most severe). Many Mac users have been somewhat smug about the existence of virii for the Mac, but French anti-virus vendor Sophos says it is very real. "Some owners of Mac computers have held the belief that Mac OS X is incapable of harboring computer viruses, but Leap-A will leave them shellshocked, as it shows that the malware threat on Mac OS X is real," said Graham Cluley, senior technology consultant for Sophos. "Mac users shouldn't think it's okay to lie back and not worry about viruses."

While Sophos says it is continuing to examine OSX/Leap-A and will issue further information shortly, its customers have been automatically protected against the worm since early morning on February 16, 2006. The company's website says the prevalance is low, despite the media attention to the new worm.

Mac security specialist Intego said that it offers protection through its VirusBarrier antivirus program. "he the newly discovered "Oompa-Loompa Trojan horse," also called OSX/Oomp-A or Leap.A, affects Macintosh computers running Mac OS X on PowerPC processors, but does not delete files, according to Intego. The software, however, does replicate itself by sending itself to users' iChat buddies and infects applications on computers where it runs, enabling those applications to in turn spread the virus. The company said it updated its virus definitions on February 14 to provide protection.

Meanwhile, users can protect themselves by turning off the option to automatically accept files via iChat, according to Symantec.

"This first Macintosh OSX threat is an example of the continuing spread of malicious code onto other platform," said Vincent Weafer, senior director at Symantec Security Response. "However, this worm will not automatically infect, but will ask users to accept the file, giving potential victims a heads up and the opportunity to avoid infection. The important piece of advice for any iChat users running OSX 10.4 is not to accept file transfers, even if they come from someone on a buddy list."




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. MacWizard x

    Joined: Dec 1969

    0

    Bullshit...

    No program can self-install on a Mac... admin password is required... send this b.s. back to Windows were it belongs...

  1. hayesk

    Joined: Dec 1969

    0

    This is not a virus

    The anti-virus vendors are spreading FUD to sell software.

    This is in no way a virus or a worm. It cannot spread without user intervention each step of the way, and it cannot run without tricking a user to run it.

    It's a trojan horse, plain and simple. MacOS X still has no known virus.

    That's not to say users shouldn't be careful. Although in this case, simply running "Get Info" on the attachment after decompressing it would reveal that it was not a JPEG as it pretended to be.

  1. jhorvatic

    Joined: Dec 1969

    0

    I haven't seen it yet

    Still no known proven virus to date. Of course the antivirus companies are going to cry foul and say it is. How do you think they make there money.

  1. leamanc

    Joined: Dec 1969

    0

    Not another 1st virus!

    Isn't this like the third "first virus" for OS X?

    I seem to recall a while back there was a bogus mp3 file going around that was actually an application. I remember Sophos, Symantec and the rest of the AV vendors saying the same c***: "Mac users have been smug," "The virus threat is real," etc.

    And I don't remember the details, but I'm sure there was one other "first virus" before that.

    My two cents: It IS malware, but it is NOT a virus or even a trojan horse. It's a worm that's not self-installing or truly self-propagating.

  1. Gabriel Morales

    Joined:

    0

    Come on...

    We're not smug, we're realists, and we know full-well that there are many anti-virus companies which would love for there to be a real or at least perceived credible threat for Mac OS X to profit off of.

    Throw away your cycle-hogging space-consuming, memory-wasting anti-virus apps and buy yourself something actually useful for the Mac.

    Oh and I noticed that the line "Many Mac users have been somewhat smug about the existence of virii for the Mac" was not attributed to anyone... what the heck MaNN?!-- Shame on your for writing such a ridiculous line. Who's side are you on anyway? Or will we see the official MacNN anti-virus app soon?

  1. LouZer

    Joined: Dec 1969

    0

    heads in a**

    No program can self-install on a Mac... admin password is required... send this b.s. back to Windows were it belongs...

    OK, except that's wrong. Any program can self-install, depending where it wants to install. h***, a program can be copied into your documents folder without password. Then set it up as a startup item. Bing/bang/boom. It all works.

    Oh, and if you read the descriptions, you'd know that admin users don't get prompted for a password.

    This is in no way a virus or a worm. It cannot spread without user intervention each step of the way, and it cannot run without tricking a user to run it. And that's what most Windows 'viruses' that you all mock are. Emailed programs that require the user to open. But it doesn't stop you all from saying they're loaded with viruses.

    And you say it requires user intervention each step of the way. What steps are you talking about. I count two. One to download. Two to 'open' the jpeg. Wow, you make it sound like buying a house is easier then to get this to install.

    That's not to say users shouldn't be careful. Although in this case, simply running "Get Info" on the attachment after decompressing it would reveal that it was not a JPEG as it pretended to be.

    Yeah, and the same can be said on windows. But how many computer users are actually going "Hey, let me make sure this isn't an application". Because windows users apparently don't do it at all, and I doubt there's many mac users who do it either.

  1. rtbarry

    Joined: Dec 1969

    0

    louzer...

    write a virus that can effectively infect a current version of Mac OS X across a broad band of users. until then, SHADDUP!

    you are tiresome. but i am not tired yet.

  1. rwahrens1952

    Joined: Dec 1969

    0

    chill

    Hey, folks, chill out on the personal stuff, ok?

    Louzer has a point. This thing CAN infect a Mac without an admin password, thanks to its chosen method of installation.

    What that means is that we'll all have to stop running as admin on a regular basis, at least until Apple patches this thing, and probably for good.

    That said, there STILL aren't any actual viruses for Mac OS X - but we do still hafta keep our eyes open for the bad stuff!

  1. JoeE

    Joined: Dec 1969

    0

    Mis-categorization

    Mac security specialist Intego said that it offers protection through its VirusBarrier antivirus program. "he the newly discovered "Oompa-Loompa Trojan horse," also called OSX/Oomp-A or Leap.A, affects Macintosh computers running Mac OS X on PowerPC processors, but does not delete files, according to Intego. The software, however, does replicate itself by sending itself to users' iChat buddies and infects applications on computers where it runs, enabling those applications to in turn spread the virus.

    It has replication ability. No Trojans have this ability, nor will you find this ability stated in any sound definition of 'Trojan.' Therefore, it is a Worm.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Epson PowerLite Home Cinema 2030 projector

With high-definition televisions now the standard, 4K televisions becoming the next big thing, and plasma TVs going the way of the din ...

Life n Soul 8 Driver Bluetooth headphones

When it comes to music on the go, consumers generally have some options to consider when looking for the best experience. While Blueto ...

Pure Jongo T2 wireless speaker

Multi-room audio compatibility is a key metric for wireless sound systems these days. The entry cost into a house-spanning system can ...

toggle

Most Commented