Apple Virus - Be Warned !

Malicious worm aims to bite Apple

To fall victim, users have to install the code themselves
Mac users are being warned about what has been described as one of the first
viruses for Apple's OS X software.
The malicious program, known as Leap-A, tries to spread via Apple's iChat
instant messaging program.

The worm disguises itself as images of Apple's forthcoming version of its
operating system, called Leopard, and plunders buddy lists if installed.

Security firms said Leap-A was not widespread and was unlikely to catch out
many Apple users.

No threat

The malicious program tries to trick users into installing it and does not
exploit any security holes in Apple's OS X operating system. It travels in a
file called "latestpics.tgz" and only version 10.4 of OS X is vulnerable to
it.

Installing and running the worm requires users to go through several stages
and this, along with bugs in Leap-A's code, have led security firms to play
down the threat it poses.


Mac users cannot keep thinking they are invulnerable to these threats
Graham Cluley, Sophos

Mac users 'too smug'
"The important piece of advice for any iChat users running OS X 10.4 is not
to accept file transfers, even if they come from someone on a buddy list,"
said Kevin Hogan, Symantec security response manager.

Symantec said Leap-A was a level 1 threat on its ranking system - the lowest
level. Computer security firms McAfee and F-Secure also said it posed little
threat.

The worm is interesting as it is one of the few written for Apple computers.
The vast majority of viruses are written to attack Microsoft's Windows
operating system.

"The Leap-A worm isn't in itself a significant threat, but it should act as
a helpful reminder that malware can be written for any computer," said
Graham Cluley, senior technology consultant for anti-virus firm Sophos.

"Mac users cannot keep thinking that they are invulnerable to these
threats."

Security firms said Leap-A should more properly be described as a worm or
trojan rather than a virus because of the way it tries to spread.

In a statement released to the Wall Street Journal, Apple said Leap-A was
not a virus but was "malicious software".

It urged users to only accept files from vendors and websites they know and
trust.



This article has been taken from the BBC News Web Site
http://news.bbc.co.uk/1/hi/technology/4723390.stm

.

Relevant Pages

  • New Yahoo! IM Worm Emerges
    ... IM Worm Emerges ... threat from a new worm that installs a rogue Web browser called "Safety ... Browser," and hijacks the user's Internet Explorer homepage. ... installs spyware on the PC. ...
    (comp.security.misc)
  • WMF Threat OK , but no huge attack ... WHY ?
    ... The threat was a bit overrated, ... Vulnerabilities like ... this are unlikely to become a worm with the widespread ... helping any customer with any infection problems, ...
    (Incidents)
  • Re: Continued shutdown, move iniciated by NT Authority System
    ... virus can infect you. ... my system turned out clean of this worm. ... >> The first irrecularity happen after installing Norton ... >McAfee AVert Stinger Virus Removal Tool ...
    (microsoft.public.win2000.setup)
  • Re: windows xp
    ... application with current virus definition files, and before installing ... What You Should Know About the Blaster Worm ... W32.Blaster.Worm Removal Tool ... more intrusions while getting the updates/patches/tools. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: MS worm virus
    ... If you connected the PC to the Internet without having first ... installing the KB824146 Hotfix, you're very likely to get infected ... sure you've enabled a firewall before starting, ... What You Should Know About the Blaster Worm ...
    (microsoft.public.security.virus)