Virus schmirus

No worries from our perspective, though 'tis quite interesting to watch how many news stories misrepresent the details. Not surprising if one follows politics, I suppose.

MacDailyNews - Apple and Mac News - Welcome Home
A file called “latestpics.tgz” was recently posted on a Mac rumors web site (www.macrumors.com), claiming to be pictures of “Mac OS X Leopard.” Mac Rumors has, for some unknown reason, headlined their article “The First Mac OS X Virus?” - although they do seem to have recently tacked on the parenthetical “A New OS X Trojan” to the headine and added this statement to the end of their article: “It appears that there is some debate about the classification of this application, and as it does require user activation, it appears to fall into the Trojan classification, rather than self-propogating through any particular vulnerability in OS X.”

Ambrosia Software's Andrew Welch explains:
You cannot be infected by this unless you do all of the following:
1) Are somehow sent (via email, iChat, etc.) or download the “latestpics.tgz” file
2) Double-click on the file to decompress it
3) Double-click on the resulting file to “open” it
...and then for most users, you must also enter your Admin password.

It does not exploit any security holes; rather it uses “social engineering” to get the user to launch it on their system. It requires the admin password if you're not running as an admin user. It doesn't actually do anything other than attempt to propagate itself via iChat. It has a bug in the code that prevents it from working as intended, which has the side-effect of preventing infected applications from launching. It's not particularly sophisticated.

So, for those inclined to hyperbole and panic: relax. You cannot simply “catch” a trojan as you would a “virus.” There are zero Mac OS X viruses. This is not the first Mac OS X trojan and it won't be the last. Even if someone does send you the “latestpics.tgz” file, you cannot be infected unless you unarchive the file, then open it, and authorize it to run. Just trash it. As usual, do not install and run applications from untrusted sources. Do not run Mac OS X as “root.” Same stuff as usual.

more details here

Tags: , /, /

About this Entry

This page contains a single entry by Seth A. published on February 16, 2006 6:02 PM.

Mr. Vice President, It's Time to Go was the previous entry in this blog.

Netflix settlement is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Pages

Powered by Movable Type 4.37