Apple users hit by world's first Mac OS X virus

The Mac malware threat is real, say security experts

By Andy McCue, 16 February 2006 16:45

The first virus to target Apple's Mac OS X operating system has been discovered in the wild, according to security experts.

The virus, called Leap.A, was discovered by UK antivirus company Sophos and spreads via the iChat instant messaging system. It forwards itself as a file called latestpics.tgz to contacts on the infected user's buddy list.

The virus appears to have spread after members of a Mac user forum were tricked into clicking on the file, which was posted as an external link promising screenshots of Mac OS X 10.5 Leopard.

Graham Cluley, senior technology consultant for Sophos, called this the first "real virus" for the Mac OS X platform.

He said in a statement: "Some owners of Mac computers have held the belief that Mac OS X is incapable of harbouring computer viruses but Leap.A will leave them shell-shocked, as it shows that the malware threat on Mac OS X is real."

Comments

There are 31 comments.

  1. N Miller

    It's about time we got noticed! I think...

  2. anonymous

    It's not a virus. I downloaded it. It requires two sets of double clicks to open and an admin password. There are no effects of it. It's barely a trojan horse. I got error messages that said permission denied. Clearly the creator didn't test this at all.

  3. kev

    Ha, long live Windows XP. That's Linux and Mac all in one year. God, I love it.

  4. John Dixon

    Just shows that Mac users (and I'm one!) are just as stupid with clicking on unannounced attachments.

    Does it say something that we get excited about the look of a new operating system rather than, say, Anna Kournikova naked..?

  5. Richard

    At last! Finally all those Mac users out there who constantly go on about how the Mac OS is virus-proof even without anti-virus software installed will get a well-deserved shock.

    I've been telling my customers for years that their Mac systems are not secure, and that they too need anti-virus software and a firewall installed. Maybe now they will wake up and listen!

  6. Martin Lukes

    Getting the Pip

    Maybe Apple can do the thing Microsoft refuses to do - lean on Congress to ensure that virus writers are prosecuted for criminal damage and go to jail. It's not big and it's not clever, it's criminal and should be punished.

    The US is keen enough on locking people up who might or might not have done anything, even when the DoD can't think of anything specific they might have done, but I suppose white college kids in Gitmo wouldn't look too good on the news. If any of the TV stations showed it in the first place.

    It might not work though - Lindsay England could be the geeks' big fantasy, for all I know.

    Meanwhile - what fricking a/v software is there and why don't you tell us?

    Meanwhile, if XP is Linux and Mac, why does it take the system down when the app crashes? Maybe it's a branding thing.

  7. Josephine Bacon

    Mac virus creators have to go to a lot of trouble to get a virus in there, and it can't hide in the boot tracks as it used to with the PC. I think this is a bit of a storm in a teacup.

  8. PC User

    Wot no Mac fan comments???

    Sing it proud - "and it's all gone quiet over there....and it's all gone quiet over there....."

  9. anonymous

    He he he! ... at last something to wipe that smug 'Macs don't get viruses' smile off their faces!

  10. artboy

    Tosser. It was inevitable that a platform OS would be attacked and it was only due to Windoze dominance that it has taken so long. However, doesn't it seem likely that Mac users are going to be able to fight dumb attacks such as this, and because of the thriving open system development available to *nix users, it's going to be patched faster than Microsoft can manage it?

  11. anonymous

    It was due to happen some time and it has.

    Am I glad I use Windoze, and anti-virus software!!!

  12. John Chapman

    Not quite the threat Sophos make it out to be. You have to deliberately install the virus using administrator permissions for it to function on your computer. Just how threatening is that...

  13. Simon

    Factually incorrect reporting.

    AIUI, this is NOT a virus, but a trojan, and it also requires user authentication to install itself. So not the end of the world then when compared with the stuff that can install itself silently without the user even having to do anything. I believe it's not the first either, as there's been a root-kit package about for a long time - but it also needed user authentication to install itself.

    Anyone talking rationally about this has never denied that such programs can be written for ANY OS. If you allow a user to install a program, then you allow them to install programs like this. The difference is that unlike Windoze, Linux & Mac OS X both run user processes with user credentials - they don't run loads of stuff with admin rights even though it was launched by the user. This is what makes them inherently more secure by design - but it doesn't make them invulnerable.

  14. Paul

    Congratulations to Kev for being first out of the blocks with a childish response to the news about the Mac virus. Alternatively he could have posted a more grown-up comment. The hatred that some PC users harbour for Mac users seems pathological in its intensity and suggests that some people out there are more than a little unbalanced on this subject. Hey - it's just a computer that you use to do stuff on. You don't sleep with it (or maybe you do). Guess what - I don't care whether you use a Mac or a PC, I just hope it doesn't cause you any trouble. We should be uniting against the writers of viruses rather than glorying in other people's misfortunes.

  15. Paul

    Congratulations to Kev for being first out of the blocks with a childish response to the news about the Mac virus. Alternatively he could have posted a more grown-up comment. The hatred that some PC users harbour for Mac users seems pathological in its intensity and suggests that some people out there are more than a little unbalanced on this subject. Hey - it's just a computer that you use to do stuff on. You don't sleep with it (or maybe you do). Guess what - I don't care whether you use a Mac or a PC, I just hope it doesn't cause you any trouble. We should be uniting against the writers of viruses rather than glorying in other people's misfortunes.

  16. Joe Bloggs

    Hmm, was going to happen at some point.

  17. Joe Whitehead

    Uhm, actually no, that's not the first Macintosh attack - it's just the first this _year_!

    Compare that to the popular OS's virus/trojan/hijack a day. :)

  18. Simon Cox

    Well I am not rising to Kev the Baker's infantile remark. One virus. Just the one but I wonder if Sophos has a new Mac anti-virus product ready to ship?

    It's not the first Mac virus ever but certainly should wake people up from complacency.

  19. Andy Clayton

    This is a trojan/worm not a virus. Apple are quite rightly calling this malicious software. I'm still glad I dumped XP for OS X and this won't make me change my mind. The way that OS X (and Linux for that matter) are built makes them far more secure than Windows any day of the week. You have to authorise any installations or root level activity on OS X and that's simply not the case on Windows.

  20. Roland Funt

    yes, good argument, "kev" - nobody's ever heard of a virus that can affect Windows XP...

  21. anonymous

    So Kev, you're pleased about 1 Mac virus?

    How many viruses are available on the Windows platform again?

  22. SR

    Thanks for the "report". Looks like journalism is down the drain these days. Can't we simply find out a bit more information before we write it?

    So, it requires you to accept the .tgz file through iChat, and you click OK for the note that there might be an application inside this (when downloaded through Safari). Then, if you are not an admin, it asks you for an admin password. If you are dumb enough to do all the three, then yes! There's a name for these kinds of programs (Trojans).

  23. anonymous

    It's a real pity and a shame that some stupid programmer is targeting the Mac OS, it struggles to compete against XP. I am a WinXP user, I have no choice, I use Linux every now and then and I was hoping to move across to the more stable and robust Mac OS. So whoever engineered this virus deserves to be shot, as far as I am concerned, targeting home users is so uncool, forcing us to pay sky high rates for antivirus software and firewalls just to slow down a wonderful piece of software that is supposed to aid everyone and provide people with a fair choice. Write your viruses for Microsoft, not for Apple, Please.

  24. Jerry Attrix

    Most of the comments here display a woeful level of ignorance about how malware infects computers. On Windows most people run as root user (administrator privileges) so giving malware free access to their systems. In the more savvy world of MacOS and Linux, people generally run as ordinary users. Anyone stupid enough to provide root access to an unknown program shouldn't be trusted to use a computer.

  25. anonymous

    This is closer to a trojan. You would also have to be very dumb to not think that password authentication after opening an image isn't suspicious. And what about the part of it that was supposed to email itself?

  26. Duncan Latimer

    Was it a universal binary and did it look good?

  27. Turbotortoise

    Microsoft products are targeted because of their widespread use and the profitability of the information one can retrieve from them. This, I think, is just a prelude of things to come. As more people begin using non-traditional operating systems you will see more attacks on Linux based and Mac based operating systems.
    I do prefer Linux but use Windows because it is the industry standard I come across often.

  28. Kepa Gaztelu Gorosarri

    I picked up a Mac virus in 1989, WDEF32 (or something like that). 2 viruses in 16 years, that's pretty good going under any test. Blimey, to think that when I first started on an SE20 I would run SAMS intercept every start up, and I didn't even have an internet connection (tho I was a busy designer, with floppy discs coming and going from clients)... only ever found the one... till eventually dumped SAMs and the machine went a lot faster. I spent many a moon feeling like the virus checker was in fact more trouble than a virus... well times change, and thankfully the machines go faster now.

    I run an XPpro system alongside my system 8 Mac (for posterity) these days, and still happily don't see any viruses. If you take security seriously in 1988 or 2006, these threats can kiss butt. Just avoid being the path of least resistance.

    The virus problem is for the terminally unprepared... famous last words I guess.

    8¬)

  29. Andrew Hodges

    Active X, Internet Explorer and the Windows version of MSN are all worse trojans and adware than this "Mac Virus" could ever hope to be.

    Most PC users run as administrator, once logged on, their PC lets them do the most stupid of things without ever prompting them for a password unlike the Mac.

    If I get a prompt to type in an administrator password on my Mac I would guess that the tar ball I just downloaded wants a bit more than it needs to show me a picture, but on a Windows machine, I would only find out that it's not a simple archive with a picture until my PC exploded.

    Get the picture Kev?

  30. mike

    Brilliant. Not even a virus. Who was hit? What was it?

    Oh, a proof of concept that requires you to BEG the computer to accept the Trojan like 4 times?

    Wow. The Mac userbase surely will be torn apart by this vicious code.

    Oh wait. 30 million users and no one noticed except the security fear mongers.

    Thank goodness I have a Mac and never have to worry about this crap.

  31. David Cantrill

    Well, to all of us Mac users, let the few morons who post their little digs laugh away their silly laughs. Let them keep paying Symantec, Trend et al exorbitant fees to protect their machines from Microsoft's complete lack of ability to build a secure operating system. If they had actually taken the opportunity a few years ago to build in proper user level security that restricts kernel access maybe we could talk about a real comparison between OSs. As it stands, we have one exploit of not the OS but people's stupidity. If I want to willingly install something on my machine, I must be willing to accept the consequences. Long live the secure OS.
