Mac360 Easy Search
Enter your search keywords below »

Mac360 Power Search
Click below for advanced search options »
Mac360 Archives
By Month, All, Category

Latest Mac Reviews Mac360 Forums New Encore Reviews
Home  »  Rumor Roundup  »

Hoax, Trojan Horse, Or First Mac OS X Virus?

VIRUSMac malware. It had to happen, sooner or later. Looks like it’s sooner. Mac news sites report the first signs of a credible trojan horse threat for Mac OS X Tiger.

“OSX/Leap A” has arrived, ready to infect virgin Macs world wide. Are we prepared for the latest malware, trojan horses, and viruses?

Probably not, though this latest threat appears real, it is NOT a virus.

Sophos, the computer security company best known for “crying wolf” to Mac users, has named this trojan horse OSX/Leap A.

Guess what? They’re advising Mac users to get virus protection and to make sure that their virus definitions are up to date. Duh.

From what I can gather of all the reports, some of which are sensationalist in nature, while others take a more factual approach, this is basic malware, not a virus.

What’s the difference? None, if the offending file wrecks your computer.

That doesn’t appear to be the case with OSX/Leap A.

A trojan horse usually tricks a computer user into thinking it (the file or application) is something different than what it is.

A computer user opens a file, either an attachment or downloaded, which then proceeds to destroy files, or cause general havoc, or copy itself and send itself to other users.

That differs from a virus, which is usually considered self propagating.

Trojan horse malware is relatively simple to create but more difficult to propagate. For example, I could (or a friend; blondes don’t do code) write a simple application that could erase many of your Mac’s documents, music, photos, or applications, and send itself to others.

Once you open the application, it begins doing the dirty deeds, though in most cases it would require you to provide an administrator’s password to be effective.

A virus would be able to propagate automatically, send itself wherever, bypass most of Mac OS X’s security, exploit a hole or weakness in the operating system, and then cause damage.

So far, no true viruses have been reported ”in the wild” for Mac OS X Tiger.

OSX/Leap A uses the Mac’s iChat AV and attempts to spread to contacts in the iChat Buddy List.

Andrew Welch from Ambrosia Software points out the basics for Mac users:

1 - you can’t be infected unless you receive the file ”latestpics.tgz.”

2 - double click to decompress the zipped file.

3 - double click the file to ”open it.”

You’d still be required to enter your password for OSX/Leap A to do the dirty deeds to the rest of your Mac, though such malware could delete many of your files.

As trojan horses go, Welch indicates this one is ”not particularly sophisticated.”

Regardless, all mainstream computer operating systems, Mac OS X included, are vulnerable to trojan horses which spread through more ”social” contact, rather than automatic replication and distribution.

Is this one a hoax? Apparently not. Is it dangerous? Only if you open it. Will a virus scanning application find it? Probably not.

The folks at Mac360 have a few domains for sale. If you've ever dreamed of setting up and running your own site about Apple, the Mac, iPods or the iPhone, this is a great way to get started. Click here for the basic details, and click AppleScene, iPhoneKillerTips, or ChatterMac for a more complete list.

   • Article by Bambi Brannan • Published on Thursday, February 16, 2006
   • Category: Rumor Roundup • 18 Reader comment(s) • Email This • Digg This • Shop Now
  Page 1 of 1 Page(s) for this article.

Talk Back to the folks at Mac360
Mac360 readers talk back. View their comments below or post your own comment to this article. Comments are moderated by the Mac360 staff. Or, post comments in the Mac360 Forums. It's mostly anonymous, there's no obligation, and no cost, so join in-- it's free, fun, low in calories, low in carbs, non-fat, and mildly addictive-- like chocolate and blondes.

Readers Talk Back:
MrSin says:

ClamXav found here: http://www.clamxav.com/ and it’s free smile. I know this is very late, but I just saw this article and comments.

   — Posted on Sat Sep 22 at 9:07 pm by MrSin

  Page 1 of 1 Page(s) for Comments on this article.
     Back To Top

Talk Back to Mac360 and post your own comment

Your comment may be anonymous if you want (it's OK to use a cute name, or something everyone can remember). An email address is only required if you want to be notified of new comments by other posters, and is always shielded from email spam harvesters.

We moderate the comments, so keep it on topic, relevant, worthy, and funny. Or, pick any two. Yes, SPAM links will be deleted, so don't even think about it.

Talk back and enter your comment below:
Your Name:
Your Email:(optional: needed only for comment notification)
Your Location:(optional: your city, state, country)

Enter Your Comment Below:
Remember my personal information?
Notify me of follow-up comments by email?

Please enter the Mac360 "Magic Word" from the image below:



     Back To Top
What's in the FORUMS?
Newest Daily Topics


Also in Mac360
Recent Articles