Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

The First Mac OS X Virus?

PC Enthusiast said:
Wow this is really cool. Everyone thinks Macs are imune to viruses and I'm glad that someone proved that they are very wrong. The only reason Macs rarely get viruses is because such a small percentage of people use them. This is great...I'll finally be able to shut up my Mac loving friends.

By the way I don't support the making of viruses I think its bad. I just think its cool someone proved the Mac lovers wrong.
Click to expand...

We're not even talking about Virus! Get your facts right! You have enough viruses to worry about on your platform.
 
This Is No Virus

This is NOT a Virus.


Period.

Should we keep our eyes open to these things? Sure!
Is it important to state that the user MUST be very very careful at every moment? Yes!
Is this a virus? NO.
 
Don't run as admin, and do run ClamXav

This is no need for concern. Of course you can mess up your Mac, if only you're stupid enough.

It's a good idea to change the user status for daily use of your Mac from 'administrator' to 'standard', and to have ClamXav Sentry (freeware, small CPU and memory footprint) running as a startup item. Do that, and you're quite safe.

This is in no measure comparable to what Windows users have to do to try and protect their systems.
 
Change topic title

BTW, I'd suggest a change of the topic's title. This is no virus, so it should read "First Mac OS X malicious trojan?". :)
 
ScottB said:
Since it uses spotlight, does this mean only tiger is effected and not previous releases of the OS?
Click to expand...

Definetely, I'd say. Which doesn't make it much better by the way.

What concerns me most is that it can replicate and propagate through the network... but hey, after all it only does what you told it to do after you double clicked it and gave it administrator rights.

Should anyone inspect the code more thoroughly we surely would know at what level can this make us any harm or not. Personally, as I always check files' extensions, get info on what I do not know, and never type my administrator password without knowing 100% what I'm doing, I'll stay as safe as ever. Still waiting for the first executable that runs without me clicking on it and asking for permission... :)

This is more important as a call for atention to users than it is to Apple. There's very little that Apple can do to prevent its users from being naive and uncareful. Maybe forcing EVERY application to show the "You are launching an application for the first time - are you sure?" dialog box at the first launch could help... but there's very little Jobs can do if someone runs some malicious script at their will.
 
mdavey said:
# Extend Disk Utility so that it knows the correct md5 fingerprint of files in addition to the correct permissions. Provide an option that causes Disk Utility to report files with incorrect fingerprints and files that have been added to applications. It is important that the utility reports files that have a fingerprint from an older version of the OS as a cracker could choose to replace a binary with an older version that has a vulnerability so as to provide an additional back door to the system.
Click to expand...
Adding integrity checking mechanisms to Disk utility is actually a very good idea.

One thing I would like to add at the end, security will always remain a people's problem. No matter how secure an OS is, if a user doesn't care and isn't careful there isn't much an OS can do. Security is a chain that is strong as its weakest links, and the human factor will always remain to be this weakest link.
 
PC Enthusiast said:
Wow this is really cool. Everyone thinks Macs are imune to viruses and I'm glad that someone proved that they are very wrong. The only reason Macs rarely get viruses is because such a small percentage of people use them. This is great...I'll finally be able to shut up my Mac loving friends.

By the way I don't support the making of viruses I think its bad. I just think its cool someone proved the Mac lovers wrong.
Click to expand...

It sure is nice to see trolls joining Mac Rumors. Oh and you do realise this is NOT a virus. If a Mac user posted on a PC forum every time a PC user got a trojan or a virus... :D
 
qtip919 said:
This is great...(I used to work for MS security)

;)

Remember...that which does not kill us, only makes us stronger...

We all need to take a deep breath and think about what this means. If this is indeed a virus that can either corrupt the system or delete files, then someone has done what is made possible by the OS.

Also, this should be a wakeup call to all mac users. Opening any file without knowing the source is FOOLISH...I dont care what OS you are using. Just because you are using OS X, doesnt mean you should be opening any file someone TEMPTS you with....

The more I think about this, the more I laugh...

Pics of OS 10.5...brilliant...

Windows users are tempted by Brittney spears, mac users by a new GUI element in their operating system...
Click to expand...


And the reason is simple: how in the heck a sane person would be tempted by a Windows new GUI??? :eek: ;)

Hehehe.
 
LMAO! :D

Let's not help spread the FUD, this is the same that has happened before, but for the fact that in this particular case it seems that there was intention to do harm.. or at least to do "something" with the user's files.

But this is a hoax application that manages to replicate and propagate itself - aka Trojan.

Oh, man, I can see the news everywhere: "Mac OS X has viruses, no longer safe" and the likes... We're scre*ed. ;)
 
gedto said:
In addition, an antivirus would've been completely useless in this case, because yes! You guessed right! This is no virus. ;)
Click to expand...

Virus, trojan, whatever...it worked.... :cool:
 
Wow! This is bad. I'm sure it will hit the lay press either today or tomorrow (knowing how slow they are - probably tomorrow). It seems that the simple fix for this on Apple's part is to require an admin password (even when logged in as the Admin) anytime an executable is run, or even more precisely, anytime a modification is made to an application (as this trojan does). That would effectively prevent this trojan from being installed. Unless, of course, the user wasn't so bright and just put their password in anyway.
 
Cubert said:
Wow! This is bad. I'm sure it will hit the lay press either today or tomorrow (knowing how slow they are - probably tomorrow). It seems that the simple fix for this on Apple's part is to require an admin password (even when logged in as the Admin) anytime an executable is run, or even more precisely, anytime a modification is made to an application (as this trojan does). That would effectively prevent this trojan from being installed. Unless, of course, the user wasn't so bright and just put their password in anyway.
Click to expand...

That's how it works currently. You should not work with an administrator account if you are not sure that what you're doing is safe. Double clicking a file with the .app extension does not seem very careful, especially after Safari warned that it contained an application. While working in a normal user account, it should ask for your password... or fail, as it has, to make any changes in the system files.

uncle sam, your mac cannot be "infected": you must download the app, double click it and - depending on your setup - type in your admin password to execute -> THEN it will execute successfully...


...as any other application would.
 
gedto said:
uncle sam, your mac cannot be "infected": you must download the app, double click it and - depending on your setup - type in your admin password to execute -> THEN it will execute successfully...


...as any other application would.
Click to expand...

I wonder if someone could somehow get it to stick around and wait for an admin password to be typed in (maybe sit in the memory). Let it get the password that way and then it could get around that problem...
 
Hello, all you smug Apple users.

OSX has a virus ( well actually Trojan ). its not all untouchable as you all fantasied.

Trojans are probably one of the easiest 'vuns to create.
 
Stella said:
Hello, all you smug Apple users.

OSX has a virus ( well actually Trojan ). its not all untouchable as you all fantasied.

Trojans are probably one of the easiest 'vuns to create.
Click to expand...

Well strictly speaking it is not really a virus since it is impossible to patch against that kind of thing (unless of course you want Apple to do it the way Microsoft did and tag each downloaded executable file so that you'd get a prompt each time you try to run it)

If anything we need more prompts on MacOS!

"https://forums.macrumors.com contains a script, are you sure you want to continue loading this page?"

"Are you sure you want to run this javascript?"

"A script attempted to modify a document object, are you sure you..."

"Are you sure..."

"Do you want to..."

:rolleyes: :rolleyes: :rolleyes:
 
gedto said:
Maybe forcing EVERY application to show the "You are launching an application for the first time - are you sure?" dialog box at the first launch could help...
Click to expand...
I want this to be a feature of the next OS, if not an update of the current.
 
Well that was a fun welcome to the new day!

"OSX has a virus!!!"
"...its not virulent or malicious"
"........its not a virus"

So what exactly is it? what does it do? I think about the most pathetic virus in history is one that just does nothing. like you'd go up to it... "excuse me, what are you doing here?" "well. um.. I was told to sit here but I can go if you want?" "really? well its just I've got some friends coming ov..." "oh no mate its cool its cool" *toddles off*
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back