A Mac Virus?!?!?

I added in the EDIT that you have to do it from a new account.

 

This might be a good time for a little public service announcement. It's not the best idea to do everything from your default Mac user account (the admin one). If you poke around in your applications folder, you may notice that you have write access to many of those files, no password required. Installers could and should do a better job here, but they don't.

Set up a second, non-privileged account, and do your day-to-day stuff from there.

 

It just gives you the same list. Unless you have already removed the infected apps, then it picks all new ones.

 

I am currently backing up RELIGIOUSLY everything on all of the computers in the house to my external. Then I'm going to disconnect my external so it doesn't get infected. My Mac is not infected yet *knocks on wood* but I cannot afford to lose any data. Right now, I am genuinely scared as to what is going to become of this.

I wonder what the mods are doing about this? Are they aware of it? This guy might be punished by law if anything serious happens like data loss. I'm like shaking. Someone please comfort me.

 

Alright guys, I am VERY relived to discover that my laptop is the only computer of mine infected. I am running ClamXav during the night to see what comes up (I am also running it on the other computers just incase). I have backed everything up but there isn't anything important on my laptop. So I am dedicating my laptop to the effort of removing this virus and to find out what exactly it does (if i can't / haven't get rid of it)

 

This might be a n33b question, but can this be officially called the first Mac virus?

 

This is a VERY< VERY sad day for the Mac platform. I always hoped that this would not happen in my lifetime. I am almost in shock now, I can't believe this is reality. All because of this bastard with hi pics. I am extremely pissed, sad, and scared. This guy needs to pay. This is war IMO.

 

There have been Mac viruses in the past, before OS X. This program falls more in between a worm and trojan horse. This incident does, however, provide a wonderful opportunity to tell overly complacent Mac users "I told you so." Stuff like this, and not classical viruses, is how most Windows malware spreads.

 

Maybe someone should email the file to symantec or another antivirus company so they can analyise it.
If it is the first mac virus then I can proudly say "I was one of the first people to get a mac virus"
Also has anyone tried Pm'ing an admin to see what they say about it.
The other day after I got the virus, before the 10.4.5 update I reinstalled the OS. 1. to get the virus off my ibook, and 2. because my KB was acting up again and wanted to see if it would fix it (It didint), but all is good because apple is sending me a new one.

Also a quick question for those who got the virus. At the time I ran the file i had my external hard drive connected which has some apps on it, along with my backups. Does this only propigate in the main drive or everywhere an app exists.

 

It's not surprising that an Admin account would allow something to cause problems via the terminal.

This still seems more of a social engineering Trojan than a virus. I'm not worried about catching it. Don't you have to accept the file from IM to get the "infection"?

 

Did you just proclaim war over this? lol...

 

Really late into this

But reading this thread is giving me a headache. Can someone simply spell out a few things: How do you become infected? How do you know your infected? How do you treat?

 

Well if we think of the positive side, one of us can now have the honour of posting to SlashDot the first Mac Trojan / Virus...

 

I have sent a threatening PM to lasthope and have forwarded the PM to DoctorQ as well. I have also asked DoctorQ for the users email address or if he can't release that for him to forward my message to it as well. Of course I have asked that lasthope be banned.

 

What do you mean by full logout VS a quck logout?

 

I submitted a story to Macrumors about this, lets see what happens. Just watch, front page of MR, Mac virus!!

 

Oh ok, I can full log out on my laptop but iChat Agent crashes so im trying to find it and replace it with an unaffected copy.

 

Has anyone contacted Apple about this? Someone with more knowledge than me should really contact Apple and let them know that this is becoming serious and many people are becoming infected. Maybe they will know what to do or release a patch or something.