Interesting People mailing list archives
First Mac OS X Worm a Wake-Up Call]
From: Dave Farber <dave () farber net>
Date: Mon, 20 Feb 2006 07:41:08 -0500
-------- Original Message -------- Subject: First Mac OS X Worm a Wake-Up Call Date: Mon, 20 Feb 2006 00:07:22 -0500 From: Monty Solomon <monty () roscom com> To: undisclosed-recipient:; First Mac OS X Worm a Wake-Up Call by Leander Kahney Thursday, 16 February 2006 UPDATE: There's a lot of debate about whether this is a real worm, or merely an elaborate, executable script that the user is tricked into running. It appears to be a worm -- it's self-containing code that replicates itself over the Net (def.). But it also requires the user to agree to accept it as an iChat file transfer, which is a Trojan trait. It does not require the user to enter a password to be installed, like an OS X application. Nor does it warn the user they may be dealing with an executable file, as Safari does when downloading software off the Net. So it's more than a simple script-kiddie Applescript. Also, it may be mostly harmless now, but will likely lead to much nastier versions in the future, according to this analysis from the programmers at Rixstep: "Future versions of the same worm or spin-offs from it are bound to be destructive and much more intrusive. By exploiting several weaknesses in Apple's file system, (Leap-A) and its successors will work." One more thing: there was talk a while back that Apple's move to Intel chips would make the platform more susceptible to malware like this. But Leap-A is a PowerPC worm. Does that make Intel-Macs invulnerable? Will it run in Rosetta? ... http://wiredblogs.tripod.com/cultofmac/index.blog?entry_id=1415489 ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- First Mac OS X Worm a Wake-Up Call] Dave Farber (Feb 20)