first mac virus

Printable View

February 18th, 2006, 01:39 PM
unvi$ible

first mac virus

hi,
today read
http://australianit.news.com.au/arti....html?from=rss
February 18th, 2006, 07:50 PM
spamdies

So is leap-a a virus or a worm, the antivirus companys can't seem to make up their minds.
February 19th, 2006, 12:50 AM
J_K9

It is apparently a Trojan, as it requires user interaction in order to be activated.

You can read more about this Trojan on Mac Rumors, but there's a full explanation of its inner workings in this thread by Andrew Welch.

It isn't too bad, although it is the first reported Trojan ever on OS X. Symantec have their own bit to say about it too...

Cheers,

-jk
February 19th, 2006, 11:34 AM
nihil

I would say that it is more of a worm than anything.

Strictly speaking, a trojan is an executable that appears to do one thing but does something else as well.

If you remember the "I love you" or "Lovebug" malware, you needed to open the attachment? "Anna Kournikova"................same thing. They both required user intervention but neither are called "trojans"

Let's face it, the whole AV industry is sloppy in its terminology, they cannot even agree a naming convention?

Just my £0.02
February 19th, 2006, 01:08 PM
J_K9

Fair enough. Maybe they should make another classification for these types of trojan/worm malware? :rolleyes:

It seems that another worm has appeared for OS X... according to Symantec, anyway. OSX.Inqtana.A - but as it spreads by Bluetooth, I don't think it's going anywhere too soon ;)
February 20th, 2006, 02:38 AM
rcgreen

Almost as vulnerable as Windows... well maybe not.
:cool:
February 20th, 2006, 03:55 AM
alleyCat

Quote:

Originally posted here by J_K9
...but as it spreads by Bluetooth, I don't think it's going anywhere too soon ;)

Having said that Mac's have a smaller market share, most Mac laptops come with Bluetooth these days.

Even though I seem to recall Bluetooth is off by default, its only other Mac's that are going to be infected anyway!

Thanks for the heads up ;)

aL
February 20th, 2006, 05:57 PM
tsunami

Leap-A is not a trojan, its a worm (of sorts). Some of the AV vendors do have there heads screwed on though:

(taken from Sophos web site www.sophos.com)

Is Leap-A a virus or a Trojan?
Some members of the Apple Macintosh community have claimed that OSX/Leap-A is a Trojan horse, and not a virus or worm, because it requires user interaction (the user has to receive a file via iChat, and manually choose to open and run the file contained inside).

However, this is not the definition of a Trojan horse.

A Trojan horse is a seemingly legitimate computer program that has been intentionally designed to disrupt and damage computer activity. Importantly, Trojan horses do not replicate or have any mechanism of spreading themselves. They have to be deliberately planted on a website, or accidentally shared with another user, or spammed out to email addresses. There is nothing inside a Trojan's code to distribute themselves further to other victims.

Trojan horses do not contain any code to distribute or spread themselves, viruses and worms do.

OSX/Leap-A is programmed to use the iChat instant messaging system to spread itself to other users. As such, it is comparable to an email or instant messaging worm on the Windows platform. Worms are a sub category of the group of malware known as viruses.

Therefore, it is correct to call OSX/Leap-A a virus or a worm. It is not correct to call OSX/Leap-A a Trojan horse.
February 20th, 2006, 06:13 PM
Spekter1080

why would anyone want to write viruses, or any kind of malware for that matter, for Apple? I mean, aren't they supposed to be in good standing with the world like Linux?
February 21st, 2006, 10:49 AM
tsunami

Linux, Unix, Apple, and infact any other system which would fall under the broad term of minority systems (VMS, OS/2, BeOs, etc), well basically anything other than windows will always still have malware written for them.
In some ways the challenge of writing something viral for one of these platforms holds more credit than it would to write something for a windows variant. (NOTE: I am not condoning the writing of malware).

Windows gets more malware written for it for three main reasons:

1. There are more windows systems on the Internet and therefore a greater opportunity of spreading quickly
2. There are numerous vulnerabilities and exploits for windows which have been documented (this does not mean that other platforms dont have exploits, but because fewer people use them less are found)
3. People dislike Microsoft

Linux is starting to be targeted by malware again, for example the latest malware against it was:

http://www.sophos.com/virusinfo/anal...inuxmarea.html

In a lot of ways unix based malware (so linux and apple) will in general be far more complicated (clever in some ways) and probably have a nastier payload. This is because a unix based system is harder to write an affective worm for. Windows once you are in is nice and easy to move around. Unix based system arent quite that easy. You can break into one component, but that doesnt mean that you can then move onto another with any sort of ease.
So if the malware gets in, it wants to do 'something' to prove a point. To prove that it got in.
February 21st, 2006, 11:37 AM
nihil

Quote:

why would anyone want to write viruses, or any kind of malware for that matter, for Apple? I mean, aren't they supposed to be in good standing with the world like Linux?

This is actually a very interesting sociological question.

My thinking is that there are bozos who will cause damage wherever they can. They are "vandals" and wreck bus shelters, telephone kiosks and so on. Although they are brain dead morons, they do have their IT counterparts.

Then there are people who take a stance against Bill Gates, Microsoft, big business or whatever. That makes them a "target" it is a sort of Luddite or anarchist revolution.

Then there are those who do it for profit, or because their government employs them to do it. This might be on the side of good or evil (however you personally choose to define those concepts)

And their are social deviants who didn't have enough sh1t beaten out of them in their youth. They think that it makes them "important" and somehow compensates for their totally defective personalities.

AppleMac and Linux are not targeted per se, because they are either not big enough or not commercial enough, but they do provide a route to attack Windows.

Please remember that their are proof of concept activities which are not always discussed in the forums of "learned security sites" I am certain that the ultimate target is still Windows.

;)

And those who do it for research/academic interest I put in the class of those who do it for "profit" because they gain knowledge and/or amusement. I guess practical jokes, political/religious statements and the like fall into that category as well.

Just my £0.02
February 22nd, 2006, 05:22 AM
@tt!tud3

Re: first mac virus

Quote:

Originally posted here by unvi$ible
hi,
today read
http://australianit.news.com.au/arti....html?from=rss

I heard. Was only a matter of time. Popularity is always security's antidote.

It isn't a virus regardless of what Sophos says. It is only malware.
February 22nd, 2006, 05:49 AM
rapier57

This is very, very far from the first Mac virus. I refer you back to the Original Mac, Fat Mac, Mac II, 6300 (bomb) and other Mac platforms since, all running the various Mac OS versions up to and including 9.x. Virii and worms ran rampant in those OSs for years, especially after those Macs were connected to the internet. I spend many days cleaning malware from Macs. Macs have been targets in the past, and definitely will be again.

For some reason, everyone is restarting the count with Mac OS X. Revisionism lives.

Unfortunately, it won't take very sophisticated Mac malware to plunk the majority of Mac users on their collective, complacent butts, since they insist the Mac is "secure by default" and the Mac store sales droids still tell users they don't need anti-virus, firewalls, or need to worry like windows users.
October 21st, 2015, 02:48 PM
baanetaettsay4788

first mac

The title says it all My first system was a PowerBook 5300c. I miss those times when the Internet was not the main reason to get a computer. OS 8 was very sophisticated for its time. Anyway, what was your first Mac system, and do you still have it?
October 21st, 2015, 05:02 PM
Shay

Most of the stuff hitting MACs now is malware
Malwarebytes Anti-Malware for Mac is what I use to clean them up.
https://www.malwarebytes.org/antimalware/mac/
November 4th, 2017, 03:02 PM
bewerbung

Strictly speaking, a trojan is an executable that appears to do one thing but does something else as well.
December 27th, 2017, 02:56 AM
graca

Viruses and Misleading Consumers

On my own Mac laptop it has prompted me to download applications that are supposed to scan my laptop for viruses or security breeches, but once downloaded those applications are what actually load viruses and malware. Many people are being mislead thinking that they are going to be protecting their information, when they are actually putting it at risk. This also relates to the companies that say they will find out vulnerabilities of other companies by hacking them. But once they do so, they have access to that companies information, so it can be hard to be sure that the secure information isn't being stolen that way.
January 2nd, 2018, 07:55 PM
wanderlush

I remember getting infected with both WDEF.A and WDEF.B on my MacPlus when I was trying to install a friend's copy of Dark Castle...oh what fun it was reinstalling OS6!
January 12th, 2018, 10:16 AM
taichinhhanaHN

Apple/Mac community always had so called proof of concept virus or whatever you called, which are released under specific target in mind. And that has being there since the early days of Apple II. you still find one of those once a while especially on Academic setting.