02/17/2006, 11:15am, EST
Friday, February 17th
Second concept worm posted for OS X
Apple provided a fix for the Bluetooth vulnerability for Mac OS X 10.3.x and Mac OS X 10.4.x in June of 2005.
"If you are using OS X 10.4 make sure that you have latest security patches installed and you are safe from Inqtana.A and any future worm that tries to use same exploit. Inqtana.A has not been met in the wild and it uses Bluetooth library that is locked into specific Bluetooth address and the library expires on 24. February 2006. So it is quite unlikely that Inqtana.A would be any kind of threat," according to MacSecurityNews.
The Inqtana.A worm spreads using an OBEX Push request, requiring user to accept the data transfer. Upon completion, Inqtana.A uses directory traversal exploit to copy its files so that it starts automatically on next reboot. The F-Secure site has also posted instructions on removing the worm from an infected system.
Filed under: troubleshooting
,
, 34
,
,
,
,
,

subscribe to comments
for this article
Okee dokee, then.
Yeah, this is the end of it all.....
Most people will not accepd a BT request that they did not initiate.
Umlike Windows where this type of thing will go on without you accepting anything.
*cue Emperor Palpatine's laughter*
BEWARE!!!!
Unfortunately, not all Mac users are as brilliant. As you know, Macs are touted for their ease-of-use. That said, Macs are also used in offices and classrooms (Special Education, for example) for those users who are not necessarily computer/tech savvy. These are the particular users who are most likely to fall for the techniques employed by these worms and other malware.
Another thing to consider is that it would seem that one purpose of the creation of these exploits (yes, they are exploits) is to demonstrate and point out the vulnerabilities that exist in the Mac OS. Granted, it's actually quite tough for malware to be as effective on Mac OS compared to Windows. So, as you have all been saying, all the Mac OS malware in the past and to come are simply there, but not something to really worry about, and I agree. Yet, it's still not a good idea to be complacent.
If I suddenly get a popup saying "do you accept this transfer?" and I didn't ask for one, I'd hit no. Just common sense.
It trully is sad that people have to point out concept viruses for the Mac to find fault.
If I type 'sudo rm -R /*' and enter my admin password, it deletes your entire hard drive. This is unacceptable and an incredible security risk.
Disk Utility should be removed too.