Looking at the Macworld article, if they're right that Oomp-A/Leap-A/Oompa-Loompa can't spread itself on the Internet, it's clear why this is far from a successful virus.
Here are the steps, as I understand them (please add corrections), which you must meet in order for Oomp-A to spread to your computer:
1. You must be an iChat user, and iChat must be set to Available (sometimes you must set to Available repeatedly before the virus will notice).
2. You must have activated Bonjour in iChat (off by default).
3. You must be connected to a LAN (Oomp-A cannot spread over the Internet) and in the same subnet as other iChat Bonjour users who are currently online.
4. One of those users must have you on their Bonjour buddy list (not the main iChat buddy list).
5. One of those iChat buddies must have previously manually activated the virus themselves by these same steps.
6. The file the "virus" offers through Bonjour must not be corrupt. (The virus has a bug which sometimes corrupts its own file, rendering it harmless.)
7. You must accept the file that the "virus" offers via Bonjour: you must believe you are actually chatting with a buddy (even though the virus sends no message with the file), and believe the buddy has sent you a legitimate picture that you wish to view (even though the file is clearly an archive and not directly an image--it doesn't even have an image icon at this stage).
8. You must double-click the downloaded file to extract the program.
9. You must the double-click the program as well (dropping it into an image viewer or using Open With will not trigger it).
10. If you are not an admin user, you must provide the virus with an admin username and password when prompted.
11. The virus only attempts to infect the four apps most recently used when it launches.
12. Only apps owned by the currently logged-on user are infected. Applications owned by the system (such as those that came with the machine or those installed by the Apple installer) are immune.
13. Only Cocoa-based apps are infected. If none of the most recent four are Cocoa, no infection occurs. (And if they are Cocoa but already infected, the virus doesn't seem to look any further.)
If ALL of the above are true, the "virus" can spread itself to your Mac. But it can only spread further (even to more apps on your own Mac) when you later run an infected application. And even then it can't happen in secret--there are at least FIVE warnings (some blatant even for basic users) that things are amiss:
1. Although it looks like an iChat Bonjour buddy is offering a file, there is no chat message explaining the file--it's a mystery arrival. And when you try to chat with them, they of course fail to reply or know nothing about it.
2. When you're asked to download the file, it doesn't even have the icon of an image: it's in gzip form with an archive icon, which makes no sense as a way to send an image over a LAN.
3. Then, after downloading and assuming you double-click the mysterious "gzip" file, the extracted "virus" application gets a JPEG icon, but still NOT a JPEG name.
4. When you double-click it, a Terminal window appears showing the virus running, not the expected image.
5. Infected applications refuse to launch. So it's impossible to keep using them and triggering the virus unaware of a problem.
Just for some perspective
compare to the recent exploits of the
Windows WMF flaw found in every version of Windows from 3.0 up--including Vista, Server 2003, and the lastest fully-patched service pack of Windows XP. Steps required to be
infected:
1. Visit an infected web page using Internet Exlorer.
Or 1. View an infected email. (Or is this one of the ones where you can be infected by receiving a message and not even viewing it?)
Or 1. Index a hard disk with Google Desktop.
Or 1. Click a link in MSN messenger.
Etc.
I'm thinking Mac users shouldn't feel too bad... One (1) LAN "virus" that can't operate without a very rare set of conditions? That's what worries us? We are indeed spoiled
But it's still good to be reminded of potential issues. Awareness will always be vital, and no OS will ever be perfect. The theory that this "virus" was created benevolently as a reminder is actually plausible to me.
And Mac OS X still has zero Internet viruses, and zero worms.