Apple and outside analysts said the program, referred to as Leap-A, is not a "virus" per se. Rather, it "requires a user to download the application and execute the resulting file," Apple said in a statement to CNET News.com. The company provided no further comment on the nature of the program.
The malicious software, which has also been dubbed OSX/Oompa-A and the Oompa Loompa Trojan Horse by other security experts, appears to have spread minimally so far and has achieved low-level threat classifications from McAfee and Symantec.
But security experts cautioned Macintosh users to view the incident as a wake-up call that all operating systems have vulnerabilities.
"It's not really news as far as threats go," said Ray Wagner, a senior vice president in Gartner's information security group. "It is news because it targets OS X, and as far as I know, it's certainly the first OS X malicious content in the wild that's been noted at this point."
Classified as both a worm and a Trojan, Leap-A appears to have begun its movement earlier this week after it was posted at a forum for Mac-related rumors. The file appeared as an external link promising pre-release screenshots of the upcoming Mac OS X 10.5, also known as Leopard.
Leap-A, which appears to affect only the OS X 10.4 platform, spreads primarily via the Apple iChat instant-messaging program. The program forwards itself as a compressed file called "latestpics.tgz" to all the contacts on the infected user's buddy list each time the program starts up.
But it's up to the person to download the file, which shows up as an attachment to a conversation thread. If downloaded, the self-executable file masquerades with an icon typically reserved for image files but does not activate itself unless opened.
"It exhibits the same behavior as a Trojan in that it requires user interaction and a mass mailer in that it's going through the contact list of that particular iChat client," said Dean Turner, senior manager of Symantec Security Response. "And it's a worm because it's replicating on its own once the system has become infected."
An analysis by U.K.-based security firm Sophos said it attempts to infect recently used applications by overwriting the original application with a copy of the worm. According to Symantec, "files infected by OSX.Leap.A may be corrupted and may not run correctly."
A number of security companies--including Symantec, McAfee, Sophos and Intego--have released updated definitions to guard against the threat. Apple directed customers to a safety guide at its site and said it "always advises Macintosh users to only accept files from vendors and Web sites that they know and trust."
Andy McCue of Silicon.com contributed to this report.




I'd like to see the PC fanboys swarm to this and say stupid crap like "ha ha we're not the only ones" and "OS X isn't as secure as people say." OS X is still far more secure. So, here's Trojan #3. Compared to how many windows trojans?
Yeah, that's what I thought, don't even start.
Now... the difference here... is that when an exploit such as this is used against Microsoft's customers, the Mac and Linux zealots blame Microsoft. You have to know the same is headed your way, or you probably wouldn't have preempted the discussion with a defensive statement and a jab at PC users.
You said it yourself:
"anyone with common sense knows that all OS's have flaws"
So... would you like the vulnerable operating system? ...or the vulnerable operating system?
Maybe in the future we can dispense with the nonsense "My OS is unassailable" argument and move on to agreeing that people who write viruses are the scum of the earth, even lower than spammers (their nearest relatives on the de-evolutionary scale).
On the Windows side, this type of social engineering attack is common; you can assume the user has not created an account with restricted rights, so no need to ask for the admin password. By the way, if you do create and use a restricted Windows account, you are just about as safe from this style attack.
Wonder how many Mac users can be tricked into typing in the admin password?
secure system of the major commercial OSes.
Windoze fanboys, resume your one-way ride with Billyboy.
post EVER!! I'm going to critique everything you said:
Cheap jabs at PC users... nice... look, the NUMBER of
vulnerabilities hardly matters.<The number does matter--say a
person is smart because it asks for the password and says that
it's a trojan (that's how stupid most Window$ users are) and
another does its best to hide that it's a trojan, they install the
software, well this one is like the first incident I mentioned, only
stupid people would download it, but for Window$, there are
tons for stupid people and people to be tricked.> and the It only
takes one vulnerability to destroy your company.< What the
HELLL are you talking about; one vulnerability will destroy
Apple's website, their factories, the boxes the products shipped
in, etc??? Forget the numbers argument... you are secure, or you
are not. A single vulnerability makes that determination.< Like I
said earlier you once again are wrong.>
Now... the difference here... is that when an exploit such as this
is used against Microsoft's customers, the Mac and Linux zealots
blame Microsoft.< We have the right to blame Micro$oft for
taking their good old time for security/software updates,
therefore they do an unprofessional job.> You have to know the
same is headed your way, or you probably wouldn't have
preempted the discussion with a defensive statement and a jab
at PC users. <Let's see, a couple trojans since '84 compared to
Micro$oft's thousands. You make the call!>
You said it yourself:
"anyone with common sense knows that all OS's have flaws"
<True but you talk about security so therefore this comment is
completely irrelevant.
So... would you like the vulnerable operating system? ...or the
vulnerable operating system? I would like the OS that only had a
couple trojans since '84 THANK YOU VERY MUCH!
As the story describes, this ISN'T a "virus", this ISN'T a "vulnerability". This is literally tricking Mac-users into sabotaging their own computers by intentionally downloading and running a "...malicious program".
And, it apparently requires quite a few steps, to do it.
So now, some of these pathetic "fan-boys" (??? PAID ???), are just FLAT-OUT LYING to try and turn attention away from the FACT that Microsoft-products have, at this point, had literally THOUSANDS of REAL vulnerabilities and viruses discovered and exploited.
These same people are also now so DESPERATE that they feel compelled to repeatedly chant the even more RIDICULOUS propaganda that, "...all it takes is one vulnerability". And, that "...even one" such vulnerability would, somehow, show that, even the MOST SECURE operating-systems on the planet are, against ALL FACTS to the contrary, just as bad as MS-Windows", ...which by the way, HAS been PROVEN to have the WORST SECURITY of ANY commercial OS.
Oh, ...and I don't even know how to use a damn Macintosh, but this OBVIOUS BULLSH*T really pisses me off.
1) Accept a file from an ichat buddy
2) Decompress it
3) Open it
4) Double click it
5) Enter my administrator password
6) Take an electric toaster into the bath
It's hardly a threat unless you're hugely stupid
1- Run as admin
2- not use a firewall
3- not use an up to date AV
4- not patch the OS for more than 6 months
5- double click everything that comes into your inbox
By the way, not running as admin (or using something like DropMyRights from MS) eliminates 99% into itself.
But there seems to be an endless supply of folks willing and able...
This is a social engineering trojan and has nothing to do with the OS. This "virus" was also being heavily publicized by Sophos which happens to be a company that makes Mac anti-virus software.
Nothing like a company making a product.. then glamorizing any news that might actually help them sell this product. Of course CNET will help them spread their FUD what else is CNET for?
to a machine should know better than to open and put in their
password to run some unknown file, and anyone who doesn't
shouldn't have admin access to begin with. It's the whole principle
of having a secure system.
When this installs without permission just by receiving the iChat
message, or something happens to that effect, then it will matter.
Give us a Virus, a breach of security story or something with a
breaking headline. Come on!! How I wish I got back the four
minutes it took to read this article.
As far as I know OS X has been out five years already, and there
isn't any serious virus or security issues, yet. Yes, five years! Not
one. MS Longhorn (aka Vista) on the other hand hasn't even
reached release and the beta is already plagued with a few
viruses. Now, I hear they are working on something called
"Singularity" called Longhorn II (aka Vienna sausages) or
whatever.
Oh Brother!
Regardless...you would think somebody would want to take a
shot at OS X in the five years it has been out by now. Especially
because its been branded as being secure by most tech critics
and hmmm..I don't know...there has to be at least one jealous XP
guru_ tech _programmer_IT_pirate_type_ user out there that just
can't stand Apple..... but again nothing major to report on.
And of course, Symantec and McAfee want to have their fair
share of publicity as well on OS X, because their whole business
revolves around security!! Wake up and smell the coffee!! God
forbid what would happen if everyone had to run OS X instead of
Windows. But of course back to reality. I would think they
wouldn't want that to ever occur? ...Why would they?? They need
to make money too. And these are just a few of the companies
that make up the troubled PC ecosystem. But generally people
stick to what they're comfortable with, can't argue with that.
But the bottom line is report on something of a serious nature
and I'll consider putting my Mac on the shelf and go-across-the
board- PC- style and that's if, and only if, OS X ever has a
security meltdown of international proportions. Why not it should
be an easy switch.. Vista is looking like OS X anyways? Shouldn't
be hard. Piece of cake.
I suspect CNET is serving the interests of the antivirus companies here. But I don't think those companies are trying to sell antivirus software for OS X, but instead trying to create doubts in the minds of those who would switch to OS X for security reasons. Fewer Windows users = fewer sales of antivirus software.
http://en.wikipedia.org/wiki/Trojan_horse_%28computing%29
anything this trojan/worm does..
News of this trojan/worm will spread much faster than the worm
itself. It's not like it can spread exponentially and undetected ... a
la ZOTOB and others. If that happens, the Apple-haters will really
have something to cheer about.
Microsith has dug its claws deep into major corporate america
IT managers since day one.
As long as "those computers keep crashin' & being buggy" IT
staff/Virus software/Microsith make money & have jobs.
I have never met any corporate IT person that manages Windows
PCs that does not own a LOT of MS stock & get "favors" from
Microsoft for doing business with them.
THAT'S WHY IT drones defend their Lord & Master Microsith
because it keeps them working away fighting viruses,
downloading SP patches, reimaging & resetting all the security
settings on all the computers, maintaining firewalls full of holes
with their WintelDell Servers & MS Windows for Servers
software...
Apple offered $10,000 to anybody who could hack into their
UNIX OSX server & find the secret easter egg message...
Nobody was successful.
MAC OSX absolutely virus free forever...? NO.
Windows has 90% of marketshare + 90% of viruses.
Maybe Longhorn/Shorthorn/Astalavista 2007 can fix all their
legacy beleaguered Windows OS...?
time will tell...
Apple has already made their Auto Software Updater available
TODAY for this MINOR issue that is NOT a worm.
Apple's closed system approach is not a viable solution for large scale deployment, no matter how much you want to villainise MS.
If the customer's apps won't run on the OS what good is it to them? But I'm sure a big smart man like you can figure out how to rework an enterprise environment, train 50,000 users, and do it all with no downtime right? Not to mention get the funding approved to buy all the new hardware and step up Apple's production capacity to meet the new demands in a reasonable amount of time.
Is this the message that no one was able to find:
http://www.cnn.com/2006/TECH/ptech/02/17/apple.hacker.poem.ap/index.html
I'm one of them, so that makes your statement irrelevant. You just met a person without any of this.
"Apple offered $10,000 to anybody who could hack into their UNIX OSX server & find the secret easter egg message... Nobody was successful"
Did you ever stop to think that at the time, no one cared?
Personally, I think that OS X is a great, powerful, stable and secure system. So is Windows. The difference is the config out of the box. But they are both very powerful platforms with their own pros and cons.
OSX is what I use - not who I am. I'm amazed at how so many obviously intelligent people can fight over two huge multi-billion dollar companies that pay us ...err...nothing.
Use what works for you. If you're a Mac user - admit it - Windows ain't that bad - and gaming is fun on them. If you're a Windows user - admit it - those powerbooks are kinda cool but kind of expensive.
As consumers, professionals, and intellectuals shouldn't we care more about getting the outsiders (hackers) to use their powers (also obvious intelligence) for good. (Forgive the superhero pep) I'm thinking "Wow - if these guys decide to get together and make products instead of yet one more virus celebrating an ended relationship - we (Win/Mac) users would end up with great gear.
Good luck - Let the discussion(?) continue.
As many have said before, no OS is totally secure. And although I'm sure Bill Gates would pay many billions of dollars to have Windows be just half as secure as OS X, the day will come when there is a real threat to Macs. It's inevitable. So they better start paying some attention to security.
People who can create Windows malware (or hack into a Windows computer) are a dime a dozen, but creating the first real OS X virus/worm would be a real prize for some cracker.
You know someone out there is working on one.
http://www.theregister.co.uk/2006/01/11/itunes_vulns/
http://www.theregister.co.uk/2006/02/08/apple_vulnerability/
enjoy ;)
Corporate & Home User Risk Level : LOW
Assessment: PROFILED 02.16.2006 by Apple & handled via free
software updater on Mac OS X.
by Eight_tracks
February 17, 2006 1:27 PM PST
Ok, so your original post was just misleading. It wasn't hacked in a small competition, but it was hacked. Fair enough?