February 18th, 2006, 12:39 PM
February 18th, 2006, 06:50 PM
So is leap-a a virus or a worm, the antivirus companys can't seem to make up their minds.
February 18th, 2006, 11:50 PM
It is apparently a Trojan, as it requires user interaction in order to be activated.
You can read more about this Trojan on Mac Rumors, but there's a full explanation of its inner workings in this thread by Andrew Welch.
It isn't too bad, although it is the first reported Trojan ever on OS X. Symantec have their own bit to say about it too...
February 19th, 2006, 10:34 AM
I would say that it is more of a worm than anything.
Strictly speaking, a trojan is an executable that appears to do one thing but does something else as well.
If you remember the "I love you" or "Lovebug" malware, you needed to open the attachment? "Anna Kournikova"................same thing. They both required user intervention but neither are called "trojans"
Let's face it, the whole AV industry is sloppy in its terminology, they cannot even agree a naming convention?
Just my £0.02
February 19th, 2006, 12:08 PM
Fair enough. Maybe they should make another classification for these types of trojan/worm malware?
It seems that another worm has appeared for OS X... according to Symantec, anyway. OSX.Inqtana.A - but as it spreads by Bluetooth, I don't think it's going anywhere too soon
February 20th, 2006, 01:38 AM
Almost as vulnerable as Windows... well maybe not.
I came in to the world with nothing. I still have most of it.
February 20th, 2006, 02:55 AM
Having said that Mac's have a smaller market share, most Mac laptops come with Bluetooth these days.
Originally posted here by J_K9
...but as it spreads by Bluetooth, I don't think it's going anywhere too soon
Even though I seem to recall Bluetooth is off by default, its only other Mac's that are going to be infected anyway!
Thanks for the heads up
February 20th, 2006, 04:57 PM
Leap-A is not a trojan, its a worm (of sorts). Some of the AV vendors do have there heads screwed on though:
(taken from Sophos web site www.sophos.com)
Is Leap-A a virus or a Trojan?
Some members of the Apple Macintosh community have claimed that OSX/Leap-A is a Trojan horse, and not a virus or worm, because it requires user interaction (the user has to receive a file via iChat, and manually choose to open and run the file contained inside).
However, this is not the definition of a Trojan horse.
A Trojan horse is a seemingly legitimate computer program that has been intentionally designed to disrupt and damage computer activity. Importantly, Trojan horses do not replicate or have any mechanism of spreading themselves. They have to be deliberately planted on a website, or accidentally shared with another user, or spammed out to email addresses. There is nothing inside a Trojan's code to distribute themselves further to other victims.
Trojan horses do not contain any code to distribute or spread themselves, viruses and worms do.
OSX/Leap-A is programmed to use the iChat instant messaging system to spread itself to other users. As such, it is comparable to an email or instant messaging worm on the Windows platform. Worms are a sub category of the group of malware known as viruses.
Therefore, it is correct to call OSX/Leap-A a virus or a worm. It is not correct to call OSX/Leap-A a Trojan horse.
February 20th, 2006, 05:13 PM
why would anyone want to write viruses, or any kind of malware for that matter, for Apple? I mean, aren't they supposed to be in good standing with the world like Linux?
there's always a way in...
February 21st, 2006, 09:49 AM
Linux, Unix, Apple, and infact any other system which would fall under the broad term of minority systems (VMS, OS/2, BeOs, etc), well basically anything other than windows will always still have malware written for them.
In some ways the challenge of writing something viral for one of these platforms holds more credit than it would to write something for a windows variant. (NOTE: I am not condoning the writing of malware).
Windows gets more malware written for it for three main reasons:
1. There are more windows systems on the Internet and therefore a greater opportunity of spreading quickly
2. There are numerous vulnerabilities and exploits for windows which have been documented (this does not mean that other platforms dont have exploits, but because fewer people use them less are found)
3. People dislike Microsoft
Linux is starting to be targeted by malware again, for example the latest malware against it was:
In a lot of ways unix based malware (so linux and apple) will in general be far more complicated (clever in some ways) and probably have a nastier payload. This is because a unix based system is harder to write an affective worm for. Windows once you are in is nice and easy to move around. Unix based system arent quite that easy. You can break into one component, but that doesnt mean that you can then move onto another with any sort of ease.
So if the malware gets in, it wants to do 'something' to prove a point. To prove that it got in.