first mac virus
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: first mac virus

  1. #1
    Senior Member
    Join Date
    Jun 2003
    Posts
    347

  2. #2
    Banned
    Join Date
    Jul 2004
    Posts
    297
    So is leap-a a virus or a worm, the antivirus companys can't seem to make up their minds.

  3. #3
    The Prancing Pirate
    Join Date
    Jul 2004
    Posts
    548
    It is apparently a Trojan, as it requires user interaction in order to be activated.

    You can read more about this Trojan on Mac Rumors, but there's a full explanation of its inner workings in this thread by Andrew Welch.

    It isn't too bad, although it is the first reported Trojan ever on OS X. Symantec have their own bit to say about it too...

    Cheers,

    -jk
    TAZForum <---- click

  4. #4
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    I would say that it is more of a worm than anything.

    Strictly speaking, a trojan is an executable that appears to do one thing but does something else as well.

    If you remember the "I love you" or "Lovebug" malware, you needed to open the attachment? "Anna Kournikova"................same thing. They both required user intervention but neither are called "trojans"

    Let's face it, the whole AV industry is sloppy in its terminology, they cannot even agree a naming convention?

    Just my 0.02
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  5. #5
    The Prancing Pirate
    Join Date
    Jul 2004
    Posts
    548
    Fair enough. Maybe they should make another classification for these types of trojan/worm malware?

    It seems that another worm has appeared for OS X... according to Symantec, anyway. OSX.Inqtana.A - but as it spreads by Bluetooth, I don't think it's going anywhere too soon
    TAZForum <---- click

  6. #6
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    Almost as vulnerable as Windows... well maybe not.
    I came in to the world with nothing. I still have most of it.

  7. #7
    Senior Member
    Join Date
    Nov 2005
    Posts
    115
    Originally posted here by J_K9
    ...but as it spreads by Bluetooth, I don't think it's going anywhere too soon
    Having said that Mac's have a smaller market share, most Mac laptops come with Bluetooth these days.

    Even though I seem to recall Bluetooth is off by default, its only other Mac's that are going to be infected anyway!

    Thanks for the heads up

    aL

  8. #8
    Member tsunami's Avatar
    Join Date
    Jul 2003
    Posts
    30
    Leap-A is not a trojan, its a worm (of sorts). Some of the AV vendors do have there heads screwed on though:

    (taken from Sophos web site www.sophos.com)

    Is Leap-A a virus or a Trojan?
    Some members of the Apple Macintosh community have claimed that OSX/Leap-A is a Trojan horse, and not a virus or worm, because it requires user interaction (the user has to receive a file via iChat, and manually choose to open and run the file contained inside).

    However, this is not the definition of a Trojan horse.

    A Trojan horse is a seemingly legitimate computer program that has been intentionally designed to disrupt and damage computer activity. Importantly, Trojan horses do not replicate or have any mechanism of spreading themselves. They have to be deliberately planted on a website, or accidentally shared with another user, or spammed out to email addresses. There is nothing inside a Trojan's code to distribute themselves further to other victims.

    Trojan horses do not contain any code to distribute or spread themselves, viruses and worms do.

    OSX/Leap-A is programmed to use the iChat instant messaging system to spread itself to other users. As such, it is comparable to an email or instant messaging worm on the Windows platform. Worms are a sub category of the group of malware known as viruses.

    Therefore, it is correct to call OSX/Leap-A a virus or a worm. It is not correct to call OSX/Leap-A a Trojan horse.

  9. #9
    Senior Member Spekter1080's Avatar
    Join Date
    Oct 2005
    Location
    Iowa
    Posts
    101
    why would anyone want to write viruses, or any kind of malware for that matter, for Apple? I mean, aren't they supposed to be in good standing with the world like Linux?
    there's always a way in...

  10. #10
    Member tsunami's Avatar
    Join Date
    Jul 2003
    Posts
    30
    Linux, Unix, Apple, and infact any other system which would fall under the broad term of minority systems (VMS, OS/2, BeOs, etc), well basically anything other than windows will always still have malware written for them.
    In some ways the challenge of writing something viral for one of these platforms holds more credit than it would to write something for a windows variant. (NOTE: I am not condoning the writing of malware).

    Windows gets more malware written for it for three main reasons:

    1. There are more windows systems on the Internet and therefore a greater opportunity of spreading quickly
    2. There are numerous vulnerabilities and exploits for windows which have been documented (this does not mean that other platforms dont have exploits, but because fewer people use them less are found)
    3. People dislike Microsoft

    Linux is starting to be targeted by malware again, for example the latest malware against it was:

    http://www.sophos.com/virusinfo/anal...inuxmarea.html

    In a lot of ways unix based malware (so linux and apple) will in general be far more complicated (clever in some ways) and probably have a nastier payload. This is because a unix based system is harder to write an affective worm for. Windows once you are in is nice and easy to move around. Unix based system arent quite that easy. You can break into one component, but that doesnt mean that you can then move onto another with any sort of ease.
    So if the malware gets in, it wants to do 'something' to prove a point. To prove that it got in.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •