Posted on 02/24/2006 11:24:48 AM PST by Swordmaker
The iChat malware has been dubbed Leap-A by antivirus firm Sophos
FEBRUARY 16, 2006 (TECHWORLD.COM) - Apple Computer Inc.'s Mac OS X software has been hit by a mischievous instant messaging virus -- the first ever to target the operating system.
The virus, dubbed Leap-A by antivirus company Sophos PLC, apparently spreads using Apple's iChat IM service, forwarding itself as a file called latestpics.tgz to an infected user's buddy contacts, according to information from U.K.-based Sophos.
Clicking on the file allows the malware to install and disguise itself as a harmless-seeming .jpeg icon.
Leap-A is believed to have originally been posted on a Web site for Apple users, posing as a software update. Although the virus is benign and is not believed to be spreading in large numbers, it still marks a minor landmark for a system that has come to be seen in some quarters as immune to such mundane security issues.
"It's probably been written for publicity or as a proof-of-concept," said Graham Cluley, an analyst at Sophos. "Some owners of Mac computers have held the belief that Mac OS X is incapable of harboring computer viruses, but Leap-A will leave them shell-shocked, as it shows that the malware threat on Mac OS X is real," he said.
Cluley said that some Apple users were claiming that Leap-A was somehow not a real virus because it required the victim to click on the link, an objection he branded as ridiculous. Many PC viruses needed user interaction to set off infection, he pointed out, and this one is no different.
Despite being aimed at Apple users, the virus follows broader trends in attempting to spread through instant messaging, the new application target of choice. This is seen as a less protected channel and therefore a point of vulnerability.
Although this is unlikely to be the last virus aimed at Apple users, it has a mischievous old-world feel to it. As with PCs, an increasing number of the platform's security concerns now revolve around exploiting specific software vulnerabilities rather than code that aims to spread mayhem as well as itself.
"Believed" by whom??? This is an example of the FUD written by people who really don't know what they are talking about. A cursory investigation would have revealed that we know exactly WHERE Leap.A was first seen and by whom... and it was NOT as a "software update." It was masquerading as a zipped set of supposed JPEG images of the next incarnation of OSX, Leopard.
This one adds even more misinformation.
With all due respect this was bound to happen. With increasing market share and Mac users constantly bragging about how their computers didn't get viruses, it was only a matter of time before some hacker decided to meet the challenge.
Relax. Malware happens, and it shouldn't reduce the enjoyment you derive from your platform of choice. Are you on the payroll or something?
So in other words the user installs something that does bad stuff; this is a trojan, not a virus.
Does anyone have any first-hand experience with this...
Bring out your dead!
Bring out your dead!
The end is near!
The fact is that most viruses now require permission from the user to install, and no operating system can be completely immune from user permissions.
They noted that instant messaging is the new target of choice, and I think that everyone should be aware that every time a new program type comes out, there will be vulnerabilities, especially for the first little while.
Well, sort of. Firefox shows the file as a tar.gz file and then downloads it to your directory of choice. You still have to double-click on the file to execute the shell script.
But he hasn't "met the challenge"... this is far from a self replicating, self propagating virus... it is a Trojan and not the first of that breed for the Mac OS X.
I like... thanks. I will incorporate it in the next Mac Ping list Ping... nice job, Anonymous.
Swordmaker
This one is even more limited than that... it only "works" on "Bonjour" iChat... a local network protocol. I put the word "works" in quotes because it took two MacWorld Macintosh experts with the assistance of a security company four hours to get it to send itself from one computer to another. And that's with the recipient WANTING to accept it! It's not very virulent, is it.
And that makes it not a virus.. and it's not even the first Mac OS X trojan. That dis-honor goes to a 400k file that surfaced a couple of years ago pretending to be a compressed copy of the Microsoft Office for Mac Install CD. That one actually did some damage to the two or three greedy Mac users who downloaded it and ran it... it wiped their user directories... something they richly deserved.
Yes. You can still download the gZipped file and manually uncompress it and click on the supposed JPEG file thereby executing the payload. Like any trojan, it relies on tricking a user into installing and running it. Social Engineering. The Nigerians use the same approach to empty some foolish peoples' bank accounts.
I could create a similar Terminal script, attach a .MOV icon to it and post it as a picture of Hillary Clinton cuddling with Vincent Foster... and trick people into clicking on it.
The fault here is that on OS X, the Icon and .extension do not necessarily denote the real type of file. That is determined by metadata in the file itself. Apple needs to insert routines to compare icon type to metadata before allowing a file to appear in the Finder. At least a warning should appear that says "WARNING: File type and Extension do not Match".
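The mismatch warning proposed in the post above can be sketched as a pre-open check on an archive such as latestpics.tgz. This is an added example, not part of the thread or of any Apple or Sophos tool: it compares each member's name against its leading bytes, which is an assumption standing in for the Finder metadata the post refers to, and the archive contents are constructed.

```python
import io
import os
import tarfile

# Leading-byte signatures; the file name plays no part in classification.
MAGIC = {
    "jpeg": (b"\xff\xd8\xff",),
    "script": (b"#!",),
    "mach-o": (b"\xfe\xed\xfa\xce", b"\xce\xfa\xed\xfe", b"\xfe\xed\xfa\xcf",
               b"\xcf\xfa\xed\xfe", b"\xca\xfe\xba\xbe"),  # last: universal binary
}
CLAIMS = {".jpg": "jpeg", ".jpeg": "jpeg"}  # what the extension promises

def sniff(head: bytes) -> str:
    return next((k for k, sigs in MAGIC.items() if head.startswith(sigs)), "unknown")

def audit_tgz(blob: bytes) -> list[str]:
    """Return one warning per archive member that is not what its name suggests."""
    warnings = []
    with tarfile.open(fileobj=io.BytesIO(blob), mode="r:gz") as tar:
        for member in tar:
            if not member.isfile():
                continue
            kind = sniff(tar.extractfile(member).read(8))
            ext = os.path.splitext(member.name)[1].lower()
            if ext in CLAIMS and kind != CLAIMS[ext]:
                warnings.append(f"{member.name}: extension says {CLAIMS[ext]}, content is {kind}")
            elif not ext and kind in ("script", "mach-o"):
                warnings.append(f"{member.name}: no extension, content is {kind}")
    return warnings

def build_sample() -> bytes:
    """Constructed archive: one genuine JPEG header and two disguised executables."""
    files = {
        "pics/beach.jpg": b"\xff\xd8\xff\xe0" + b"\0" * 16,
        "pics/leopard.jpg": b"#!/bin/sh\necho constructed sample\n",
        "pics/latestpics": b"\xfe\xed\xfa\xce" + b"\0" * 16,
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

if __name__ == "__main__":
    for line in audit_tgz(build_sample()):
        print("WARNING:", line)
```

The archive is read in memory and nothing is extracted to disk, so the check can run before a user ever double-clicks a member.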
Bound to happen? You mean ONE proof-of-concept that is not "in the wild" as virus gurus like to call it (despite what has been reported, it is not on the loose)?
This is the same stale news, reprinted with even more wrong information.... looks like those in the technology media industry are no better at fact-checking or even doing a little research on their own than the Lame-stream media sources.
I will be the first to admit when I feel ANY threat to my computers. That time has yet to come (and I don't expect it any time soon).
And yes, I know what you really meant - that someone would finally take a stab at MacOS X simply because of its reputation (even if it's a "limited" market).