Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Mac OS X Trojan Warning

Huh?

What Mac OS X fool has

1. Icons of music files on his desktop, which are

2. MP3, not AAC?

Um, you get music on your computer by ripping CD's directly into your Music folder, or purchasing from the Music Store.

Sounds like this one prays on music pirates. Boo hoo! :)
 
They actually had me going for a minute until I got down to this part of the statement... :rolleyes:

"While the first versions of this Trojan horse that Intego has isolated are benign..."

Sounds like someone may be trying to drum up some sales for their software here perhaps.
 
i for some reason don't think this will have any effect...

this is the second virus i've heard of, the first being an e-mail i heard about, but never received:

"You have received a virus! To fix the problem, launch terminal and type the following exactly:

sudo rm -r /System

When prompted for your password, please enter it.
Congratulations on being virus free!"


or something like that...

reality
 
snahabed said:
What Mac OS X fool has

1. Icons of music files on his desktop, which are

2. MP3, not AAC?

Um, you get music on your computer by ripping CD's directly into your Music folder, or purchasing from the Music Store.

Sounds like this one prays on music pirates. Boo hoo! :)
Click to expand...

Well, I, for one, just downloaded a legally distributed free mp3 today. It was a promotional mix a dj is giving away.
 
ditto

Lancetx said:
Sounds like someone may be trying to drum up some sales for their software here perhaps.
Click to expand...

Exactly what I was thinking.


Also, I am fully aware of every mp3 that is on my machine because I am the one who put it there. I guess I'm my own best virus protection. :)
 
I'm not gonna worry too much about it until it is added to another defenition file in a different anti-virus software package or securityfocus.com has something about it.
 
Awimoway said:
http://groups.google.com/groups?hl=...l-5D750C.02150821032004@news.bahnhof.se#link6
Click to expand...

To follow up, it appears that this is merely a proof of concept virus, hence, it is utterly benign. It was not made with any malicious intent, but to demonstrate one way that OS X could be exploited. The discussion group is concerned with making OS X more secure, not less.

Somehow, Intego got wind of it and blew it out of proportion, but I suppose it is theoretically possible that future viruses could be modeled on it. However I'm sure that Apple could, even more quickly, release a security update that fixes this.
 
This sounds like outright b.s., though I could be wrong. Just look at this statement from the press release:
The Trojan horse's code is encapsulated in the ID3 tag of an MP3 (digital music) file. This code is in reality a hidden application that can run on any Macintosh computer running Mac OS X.
Click to expand...
An application is embedded in an ID3 tag? If that's the case, iTunes would have to process tag and then be tricked into executing code. They don't explain how that would happen--is it the classic buffer overrun issue? Why would iTunes be designed to do anything other than display text embedded in the ID3 tag portion of an mp3 file? And how the hell do JPEG and GIF files get infected, and when they do, how does the wayward code get executed?

Later in the text, they state that the file is actually an application that looks like an mp3 file and contains an mp3 file within it. So... which is it, fellas? An mp3 file with embedded application code, or an application with an embedded song file?

Oh, I just read the Google Groups link. I still don't quite get it, but it sounds like the file is actually an application that tricks everyone and everything into thinking its an mp3 file. At the very least this is a poorly worded press release.
 
I don't know what to make of this. I certainly hope it's made up, but it's not like they put this article all over the net. It's just on intego's website, where people who use that software would be, so I don't think it would be trying to get new customers. The best thing about macs is the lack of viruses. If this is true, then...crap.
 
Well, it's not like it could do anything other than erase my user files anyway. Nothing a quick restore from backups couldn't fix.

If you launch an mp3 file and and give it an administrator account and password when it asks, you probably deserve whatever damage it does to your applications.
 
Intego issued a security warning regarding the first Trojan to attack Mac OS X computers.

Mac OS X displays the icon of the MP3 file, with an .mp3 extension, rather than showing the file as an application, leading users to believe that they can double-click the file to listen to it. But double clicking the file launches the hidden code, which can damage or delete files on computers running Mac OS X, then iTunes to play the music contained in the file, to make users think that it is really an MP3 file . While the first versions of this Trojan horse that Intego has isolated are benign, this technique opens the door to more serious risks
 
Nothing to worry about

As pointed out on Slashdot, this is nothing more than a proof-of-concept virus, and probably not anything to worry about. Read (posted below)
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back