Mac OS X Virus/Trojan Summary

The announcement of the release of a Mac OS X trojan/virus/worm yesterday has drawn a lot of attention, confusion and significant misinterpretation. While much of the attention was aimed at the "virus vs trojan" distinction, this energy was misguided.

On the one hand, some users were quick to dismiss it as a simple "trojan" that anyone could easily script in minutes. While the application was setup to trick the end-user into launching it, the resultant actions it took were far more sophisticated as it was designed to inject itself into other applications on the users' hard drive. Despite much confusion on this detail, most users were not prompted for the administrator password before the file modifications took place. (The Application directory is writable by the Admin accounts which most Mac OS X user accounts are established as, by default.)

On the other hand, several saw this as a much more ominous sign for the Mac platform. However, this application itself is of a rather limited threat by the nature of its propogation -- and no particular Mac OS X vulnerability exists which allows the unimpeded transmission of a virus. Unless you specifically downloaded and launched this file, there is no way your Mac could have been infected.

The significance of this event is simply the intention behind the release of such malware under Mac OS X.

For additional reading, Symantec provides a step-by-step guide on what happens when the application launches and what modifications it makes to the users applications, while Andrew Welch of Ambrosia SW finished a detailed technical summary of the application.

Popular Stories

macbook air m2

Exclusive: Apple Plans to Launch MacBook Air With M2 Chip on July 15

Wednesday June 29, 2022 5:23 pm PDT by
The redesigned MacBook Air with the all-new M2 Apple silicon chip will be available for customers starting Friday, July 15, MacRumors has learned from a retail source. The new MacBook Air was announced and previewed during WWDC earlier this month, with Apple stating availability will begin in July. The MacBook Air features a redesigned body that is thinner and lighter than the previous...
Mac Studio IO

Apple Begins Selling Refurbished Mac Studio Models

Thursday June 30, 2022 7:42 pm PDT by
Apple today began selling refurbished Mac Studio models for the first time in the United States, Canada, and select European countries, such as Belgium, Germany, Ireland, Spain, Switzerland, the Netherlands, and the United Kingdom. In the United States, two refurbished Mac Studio configurations are currently available, including one with the M1 Max chip (10-core CPU and 24-core GPU) for...
top stories 2jul2022

Top Stories: M2 MacBook Air Release Date, New HomePod Rumor, and More

Saturday July 2, 2022 6:00 am PDT by
The M2 MacBook Pro has started making its way into customers' hands and we're learning more about how it performs in a variety of situations, but all eyes are really on the upcoming M2 MacBook Air which has seen a complete redesign and should be arriving in a couple of weeks. Other top stories this week included a host of product rumors including additional M2 and even M3 Macs, an updated...
original iphone 2007

15 Years Ago Today, the iPhone Went On Sale

Wednesday June 29, 2022 4:43 am PDT by
Fifteen years ago to this day, the iPhone, the revolutionary device presented to the world by the late Steve Jobs, officially went on sale. The first iPhone was announced by Steve Jobs on January 9, 2007, and went on sale on June 29, 2007. "An iPod, a phone, an internet mobile communicator... these are not three separate devices," Jobs famously said. "Today, Apple is going to reinvent the...
rootbug

Major macOS High Sierra Bug Allows Full Admin Access Without Password - How to Fix [Updated]

Tuesday November 28, 2017 12:33 pm PST by
There appears to be a serious bug in macOS High Sierra that enables the root superuser on a Mac with a blank password and no security check. The bug, discovered by developer Lemi Ergin, lets anyone log into an admin account using the username "root" with no password. This works when attempting to access an administrator's account on an unlocked Mac, and it also provides access at the login...