First Mac OS X Worm a Wake-Up Call]

[Dave Farber <dave () farber net>]

-------- Original Message --------
Subject: First Mac OS X Worm a Wake-Up Call
Date: Mon, 20 Feb 2006 00:07:22 -0500
From: Monty Solomon <monty () roscom com>
To: undisclosed-recipient:;


First Mac OS X Worm a Wake-Up Call
by Leander Kahney
Thursday, 16 February 2006

UPDATE: There's a lot of debate about whether this is a real worm, or
merely an elaborate, executable script that the user is tricked into
running. It appears to be a worm -- it's self-containing code that
replicates itself over the Net (def.). But it also requires the user
to agree to accept it as an iChat file transfer, which is a Trojan
trait. It does not require the user to enter a password to be
installed, like an OS X application. Nor does it warn the user they
may be dealing with an executable file, as Safari does when
downloading software off the Net. So it's more than a simple
script-kiddie Applescript. Also, it may be mostly harmless now, but
will likely lead to much nastier versions in the future, according to
this analysis from the programmers at Rixstep: "Future versions of
the same worm or spin-offs from it are bound to be destructive and
much more intrusive. By exploiting several weaknesses in Apple's file
system, (Leap-A) and its successors will work."

One more thing: there was talk a while back that Apple's move to
Intel chips would make the platform more susceptible to malware like
this. But Leap-A is a PowerPC worm. Does that make Intel-Macs
invulnerable? Will it run in Rosetta?

...

http://wiredblogs.tripod.com/cultofmac/index.blog?entry_id=1415489


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/