Warning about a New OSX Trojan

[Pika]

Don't laugh.

According to a post on Symantec's Security Response, the new trojan called OSX.Loosemaque presents itself as a video game while secretly deleting files from the player's home directory.

It arrives as a Mac OS file named "lose lose.app" and 3,691,880 bytes (3.5 MB) in size.

When a user is tricked into running the trojan, the user is presented with a video game:

If the player shoots an enemy character, a file or folder is deleted from the player's home directory. When the player's character is destroyed, the trojan sends the high score to a remote server and then deletes itself from the computer.

Symantec recommend the following practices, among others, regarding this trojan:

• Use a firewall to block all incoming connections from the Internet to services that should not be publicly available. By default, you should deny all incoming connections and only allow services you explicitly want to offer to the outside world.
• Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
• Ensure that programs and users of the computer use the lowest level of privileges necessary to complete a task. When prompted for a root or UAC password, ensure that the program asking for administration-level access is a legitimate application.

Sensible, but irrelevant.

Symantec recommend the following steps to remove this specific trojan:

1. Update the virus definitions.
2. Run a full system scan and repair or delete all the files detected.

This is interesting because, according to the write-up, this trojan won't be detected by the weekly virus definition updates until tomorrow, November 4th.

Now you can laugh.

 

[iVoid]

It's NOT SECRETLY deleting files.

When you open the app, it puts up a message saying that it WILL delete files when you shot the spaceships.

So if any files get deleted, it is the stupidity of the user.

Seems to be called an 'art project' by it's creator (more like a psychology experiment).

TMO had a news bit yesterday on it: http://www.macobserver.com/tmo/arti...deletes_your_files_with_every_ship_destroyed/

 

[*LTD*]

It's a game. It tells you what it's going to do.

Nothing to see here . . .

 

[Corrode]

This is the coolest virus ever!!!!!1!1!!

 

[thejadedmonkey]

My computer's immune from this sort of Trojan... I run Windows

heh, always wanted to say that!

 

[temetrepo]

^lol

 

[DoFoT9]

My computer's immune from this sort of Trojan... I run Windows

heh, always wanted to say that!

haha nice one!

this game looks awsome!! cruel, but awsome.

 

[Richard1028]

When a user is tricked into running the trojan

That's a really nice way of saying, "When somebody is stupid enough to run the trojan..."

When the player's character is destroyed, the trojan sends the high score to a remote server and then deletes itself from the computer.

How does it delete itself? Is this even possible?

 

[angelwatt]

Virus scanners delete files too when they run. Maybe we should call them trojans too. This is simply a game that deletes files, even beginner programmers can create such an application.

 

[*LTD*]

Virus scanners delete files too when they run. Maybe we should call them trojans too. This is simply a game that deletes files, even beginner programmers can create such an application.

Ande the game actually warns you about what it's going to do.

 

[hugodrax]

I wrote a trojan that wipes out the user directory.


# cd
# rm -rf *

 

[Acorn]

a program like this is easy to make. In many programming books learning how to work with files like getting directorys and working with files is the first thing you learn. simple destructive programs like this and viruses are 2 different monsters.

This is not a virus and nothing but malware at best.

 

[Guiyon]

This is not a virus and nothing but malware at best.

I wouldn't even consider it malware; it makes no attempt to hide what it is and explicitly tells you exactly what it's going to do when it runs. People can't be protected from their own stupidity.

 

[chrono1081]

My computer's immune from this sort of Trojan... I run Windows

heh, always wanted to say that!

Lol unfortunately its on Windows too. A co-worker actually showed it to me and tried it out on his *gasp!* work machine.

Everything looked like it worked fine afterward though so who knows if its actually deleting things or its just a scare tactic.

EDIT: I'm not sure if this is the same game thats on windows. I remember it looking a bit different but windows has a similar game.

 

[Rampant.A.I.]

It's NOT SECRETLY deleting files.

When you open the app, it puts up a message saying that it WILL delete files when you shot the spaceships.

So if any files get deleted, it is the stupidity of the user.

Seems to be called an 'art project' by it's creator (more like a psychology experiment).

TMO had a news bit yesterday on it: http://www.macobserver.com/tmo/arti...deletes_your_files_with_every_ship_destroyed/

The video in that article is pretty hilarious!

What a sneaky, sneaky trojan.

 

[RKO]

I wouldn't even consider it malware; it makes no attempt to hide what it is and explicitly tells you exactly what it's going to do when it runs. People can't be protected from their own stupidity.

"Stupid is as stupid does"

 

[brasscat]

Nobody seems to mention that the game is so fun to play, that you won't mind files being deleted as long as you have a shot at beating the high score.

 

[DoFoT9]

Nobody seems to mention that the game is so fun to play, that you won't mind files being deleted as long as you have a shot at beating the high score.

this seems like a game to play at the apple store

or to play on a "guest" account

or to give to a friend that you dont like! *plots*

 

[macrem]

Removal instructions:

"The following instructions pertain to all current and recent Symantec antivirus products for Macintosh.
1. Update the virus definitions.
2. Run a full system scan and repair or delete all the files detected."

I had no idea Symantec was an app uninstaller! All this time I've just been dropping unwanted apps into the Trash for free when I could have bought their uninstaller, installed it & followed the above steps. Darn!

 

[BlakePowers]

Ha!

Where do you get this game? It looks great!

 

[topmounter]

I wrote a trojan that wipes out the user directory.


# cd
# rm -rf *

Congratulations, you can call it Trojan Pong!!!

 

[glossywhite]

I'm working on a "trojan" also, which requires the user to type:

sudo rm -rf /

see how subversive & covert it is?

 

[macrem]

I'm working on a "trojan" also, which requires the user to type:

sudo rm -rf /

see how subversive & covert it is?

Doh, did you have to go spreading that dangerous trojan around? Now I have to go buy Symantec

 

[RandomKamikaze]

You don't need Symantec..."if your "ship" is destroyed, the actual game subsequently deletes itself from your Mac's hard drive."

This only proves the most dangerous thing out there is the user

 

[cjmillsnun]

*Looks and notices the real trojan...*

Symantec AKA Norton AV...

*decides the game looks like it could be fun... Makes a TM backup.... Disconnects external HD, Downloads*