Mac OS X: The First Virus
Throughout time, Windows has been known as the most virus-prone of all operating systems. Vulnerabilities in the Microsoft Windows Explorer web browser and the Windows system itself exposes this platform to a wide range of threats from viruses and worms to spyware. For this reason, more users have turned to other systems for an infection-free computing environment.
Up until recently, Windows was thought to be the only system capable of contracting viruses and other malware. However, Linux has also been infected and Apple's Mac OS X is the latest victim of the infamous malicious code.
The Virus Discovery
On February 16, 2006, SophosLabs announced the detection of the very first virus written for the Mac OS X platform. OSXLeap-A, often referred to as OSX/Oompa-A, is an infection that spreads via the Macintosh iChat instant messaging system. It operates by forwarding itself as a "LATESTPICS.TGZ" file to the contacts on the buddy list of an infected user. When the archived file is opened, its contents are disguised with a graphic icon in JPEG format, which attempts to trick the recipient into believing it is a harmless file. The virus uses the "OOMPA" text as a marker in the forks of the infected program which prevents it from compromising the same files.
Is it a Virus or Trojan?
Following word of the infection, several members of the Macintosh community stated that Leap was actually a Trojan horse and not a virus. Their reason being was that the infection required user intervention, which is receiving the file in iChat, choosing to manually open it and executing the payload. However, this is not how a Trojan functions. A Trojan is a seemingly useful program purposely designed to damage a computer or install other malicious applications. Additionally, a Trojan does not self replicate and includes no mechanisms that enables it to spread itself. In most cases, it is deliberately incorporated onto a website, accidently distributed by another user or sent via spam email. Aside from that, the malicious code of Trojan contains nothing that will allow it to be automatically distributed to other victims.
OSXLeap-A is specifically designed to use the iChat messaging system to propagate itself to other users. It also requires action by the user in order to be executed and further spread the infection, therefore it is aptly termed as a computer virus.
Staying Smart
While several Macintosh computer users once had the belief that their system was incapable of harboring viruses, Leap proves that the threat of malware on this platform is real. Security experts suggest that the Mac users can no longer live worry free, as caution must now be practiced at all times, just as if you were running a Windows operating system.
Experts also advise all Mac OS X computer users to practice safe computing by cautiously surfing the web and keeping their anti-virus software updated with the latest virus definitions.
Anti-Virus Solutions for the Mac OS X
- Norton Internet Security for Macintosh
- ClamXav
Post a comment