February 17th, 2006

OSX.Leap.A: a near miss for Mac users

Posted by Jason D. O'Grady @ 6:52 am

Categories: Security, Software

Tags:

This week’s "Mac virus" scare turned out to be nothing more than a worm for Mac OS X that propagates through iChat and infects local Mac applications. OSX/Leap.A is a wake up call to Mac users that we’re not immune to all the nasties floating around on the Web.

There was a story circulating this week that The First Virus For Mac OS X had arrived, but it turned out to only be a relatively innocuous worm embedded in a file called "latestpics.tgz" promising pictures of "MacOS X Leopard." The worm required the user to download, decompress and execute the file then enter their admin password to cause any damage.

The first rule of software downloads is obvious: never open a file or attachment from someone that you don’t know. The second is that if it’s too good to be true it probably is. If a download promises you screen shots of Mac OS 10.5 "Leopard" don’t believe it (after all, why not just post the pics?) but never, ever enter your Mac OS X admin password to install something from an unknown source, especially if you downloaded it surreptitiously.

As the Mac’s popularity begins to rise we shouldn’t be smug about how the Mac’s immune to virii and malware. The switch to a Unix-based OS and Intel processors give us more power than ever, but they also expose us to a whole new world of nastiness that we’ve been sheltered from before.

Mac users shouldn’t get complacent about viruses on the Mac, it just invites an attack. As the Mac continues to gain traction in the market virus writers will increasingly be taking note. Don’t rest on your laurels or smugly brag that the Mac OS is immune to viruses, it’s only a matter of time.

More information on the OSX/Leap.A worm is available from Symantec, F-Secure, Sophos and McAfee.