|
|
|
| OSX/Leap-A: First ever virus for Mac OS X discovered |
| Thursday, February 16, 2006 at 22:01 by Rich Kavanagh |
Experts at Sophos have announced the discovery of the first virus for the Apple Mac OS X platform.
The virus, named OSX/Leap-A (also known as OSX/Oompa-A) spreads via instant messaging systems.
The OSX/Leap-A worm spreads via the iChat instant messaging system, forwarding itself as a file called "latestpics.tgz" to contacts on the infected users' buddy list. When the "latestpics.tgz" archive file is opened on a computer it disguises its contents with a JPEG graphic icon in an attempt to fool people into thinking it is harmless.
The worm uses the text "oompa" as an infection marker in the resource forks of infected programs to prevent it from reinfecting the same files.
Graham Cluley, senior technology consultant for Sophos, said,
"Some owners of Mac computers have held the belief that Mac OS X is incapable of harboring computer viruses, but Leap-A will leave them shellshocked, as it shows that the malware threat on Mac OS X is real. Mac users shouldn't think it's okay to lie back and not worry about viruses."
Experts at Sophos are continuing to examine OSX/Leap-A and will issue further information shortly.
"This is the first real virus for the Mac OS X platform," continued Cluley. "Apple Mac users need to be just as careful running unknown or unsolicited code on their computers as their friends and colleagues running Windows."
Sophos advises all computer users, whether running PCs or Macs, to practise safe computing and keep their anti-virus software updated.
One question currently being asked, "Is Leap-A a virus or a Trojan?"
Some members of the Apple Macintosh community have claimed that OSX/Leap-A is a Trojan horse, and not a virus or worm, because it requires user interaction (the user has to receive a file via iChat, and manually choose to open and run the file contained inside). However, this is not the definition of a Trojan horse.
A Trojan horse is a seemingly legitimate computer program that has been intentionally designed to disrupt and damage computer activity. Importantly, Trojan horses do not replicate or have any mechanism of spreading themselves. They have to be deliberately planted on a web site, or accidentally shared with another user, or spammed out to email addresses. There is nothing inside a Trojan's code to distribute themselves further to other victims.
Trojan horses do not contain any code to distribute or spread themselves, viruses and worms do. OSX/Leap-A is programmed to use the iChat instant messaging system to spread itself to other users. As such, it is comparable to an email or instant messaging worm on the Windows platform.
Worms are a sub category of the group of malware known as viruses. Therefore, it is correct to call OSX/Leap-A a virus or a worm, not a Trojan horse.
|
|
| |
 
|
|
| good, now perhaps Apple users will stop being all self righteous. Not |
|
|
| Apple: 'Leap-A' not a virus; only accept files from vendors and Web sites that you know and trust
Thursday, February 16, 2006 - 06:39 PM EST
"A malicious program that could be the first Trojan in the wild to target Apple Computer's Mac OS X operating system has been discovered, security experts confirmed Thursday. Apple and outside analysts said the program, referred to as Leap-A, is not a 'virus,' per se. Rather, it 'requires a user to download the application and execute the resulting file,' Apple said in a statement to CNET News.com. The company provided no further comment on the nature of the program," Anne Broache reports for CNET News. "The malicious software, which has also been dubbed OSX/Oompa-A and the Ooompa Loompa Trojan Horse by other security experts, appears to have spread minimally so far and has achieved low-level threat classifications from McAfee and Symantec. But security experts cautioned Macintosh users to view the incident as a wake-up call that all operating systems have vulnerabilities."
MacDailyNews Take: Did security experts also caution Macintosh users to view the incident as a wake-up call that all operating systems can run programs, too? Do not download "latestpics.tgz" and then uncompress it and then run it by giving Mac OS X your Admin password at the prompt. Also, do not drag files that you wish to keep on your hard drives to the Trash and then empty it. |
|
|
| Just cause someone at MIT isn't getting any, we all have to deal with computer viruses. |
|
|
| finally, now all those damn apple users can stop boasting the Mac system is unbreakable. Really, inside, its just as unsafe as windows it just that no one can be bothered to hack Mac - no one has it. To the evil hackers and crackers out there it is much better to hack windows - more victims. |
|
|
|
| Recent Articles In Virus: |
|
| |
|
|
|
|
|
