If you're new to AirPods, considering buying a pair, or just want to pick up some new tips.
The First Mac OS X Virus? (A New OS X Trojan) [Updated]
On the evening of the 13th, an unknown user posted an external link to a file on MacRumors Forums claiming to be the latest Leopard Mac OS X 10.5 screenshots. The file was named "latestpics.tgz"
The resultant file decompresses into what appears to be a standard JPEG icon in Mac OS X but is actually a compiled Unix executable in disguise. An initial disassembly (from original discussion thread) reveals evidence that the application is virus-like or was designed to give that impression. Routines listed include:
_infect:
_infectApps:
_installHooks:
_copySelf:
The exact consequences of the application are unclear, but users who originally executed the application have noted that it appeared to self propogate:
Andrew Welch, who had done some of the initial disassembly, is posting updates to this thread.
According to the initial investigation, the application uses Spotlight to find the other applications on the infected machine and subsequently inserts a stub of code into each application executable.
Update: It appears that there is some debate about the classification of this application, and as it does require user activation it appears to fall into the Trojan classification, rather than self-propogating through any particular vulnerability in OS X.
Update #2: The most recent updates show that the file does send itself to other users in your AIM/iChat buddy list.
Update #3:
Andrew Welch posted the final technical analysis of the application with assistance from Ed Wynne and Glenn Anderson.
Symantec has posted a step by step guide on what happens when you launch this application.
The resultant file decompresses into what appears to be a standard JPEG icon in Mac OS X but is actually a compiled Unix executable in disguise. An initial disassembly (from original discussion thread) reveals evidence that the application is virus-like or was designed to give that impression. Routines listed include:
_infect:
_infectApps:
_installHooks:
_copySelf:
The exact consequences of the application are unclear, but users who originally executed the application have noted that it appeared to self propogate:
If anyone remembers last night, when lasthope spread that picture that opened in terminal. I just turned on my other computer and it said it had an incoming file, from my computer, which was the latest pics file. Any help. I have already secure deleted it off of my harddrive, but how do i know that it will not come back.
Andrew Welch, who had done some of the initial disassembly, is posting updates to this thread.
According to the initial investigation, the application uses Spotlight to find the other applications on the infected machine and subsequently inserts a stub of code into each application executable.
Update: It appears that there is some debate about the classification of this application, and as it does require user activation it appears to fall into the Trojan classification, rather than self-propogating through any particular vulnerability in OS X.
Update #2: The most recent updates show that the file does send itself to other users in your AIM/iChat buddy list.
Update #3:
Andrew Welch posted the final technical analysis of the application with assistance from Ed Wynne and Glenn Anderson.
Symantec has posted a step by step guide on what happens when you launch this application.
[ 628 comments ]
Amid the launch of brand-new iPads this week, there are quite a few deals on older models for users who don't mind purchasing previous generation devices. Along with these sales, you can also...
Instagram today is rolling out a new shopping feature within its iOS and Android apps, allowing users to complete purchases without having to leave Instagram (via The Verge).
Before the update,...
Google will shut down its "Inbox by Gmail" app on April 2, the company has confirmed to users of the email app.
Google announced in September that it would be shuttering the app toward...
Following the release of iOS 12.1.4 on February 7, Apple has stopped signing iOS 12.1.3, the previous version of iOS that was available to consumers.
iPhone, iPad, and iPod touch owners who have...
The Cleveland Cavaliers and Aramark, a food and beverage vendor, today announced a new Apple Business Chat feature that will allow Cleveland Cavaliers fans to order drinks from their seats through...
Apple's new iPad Air and fifth-generation iPad mini both work with the Apple Pencil, but are limited to the first-generation Apple Pencil rather than the second-generation model, which only works...
Effective today, the Apple Pencil no longer needs to be purchased at the same time as an iPad to be eligible for AppleCare+ coverage, according to an announcement shared with Apple Stores and Apple...
Sony today announced that its PlayStation Vue app for the Apple TV has been updated with multi-view support, allowing users to watch up to four live channels on one screen.
The new PlayStation...
