IT Jobs
World's first OS X virus hits Apple
iLife interrupted by the iVirus.
By John Dunn | Techworld
Published: 15:11 GMT, 16 February 06
Apple’s Mac OS X software has been hit by a mischievous instant messaging virus – the first ever to target the platform.
The virus, dubbed Leap-A by anti-virus company Sophos, is said to spread using Apple’s iChat IM service, forwarding itself as a file called “latestpics.tgz” to an infected user’s buddy contacts.
Clicking on the file allows the malware to install and disguise itself as a harmless-seeming Jpeg icon.
Leap-A is believed to have originally been posted on a website for Apple users, posing as a software update. Although the virus is benign, and is not believed to be spreading in large numbers, it still marks a minor landmark for a platform that has come to be seen in some quarters as immune to such mundane security issues.
“It’s probably been written for publicity or as a proof-of-concept,” said Graham Cluley of Sophos. "Some owners of Mac computers have held the belief that Mac OS X is incapable of harbouring computer viruses, but Leap-A will leave them shell-shocked, as it shows that the malware threat on Mac OS X is real," he said.
Cluley said that some Apple users were claiming that Leap-A was somehow not a real virus because it required the victim to click on the link, an objection he branded as ridiculous. Many PC viruses needed user interaction to set off infection, he pointed out, and this was no different.
Despite being aimed at Apple users, the virus follows broader trends in attempting to spread by way of instant messaging, the new application target of choice. This is seen as a less protected channel, and therefore a point of vulnerability.
Although this is unlikely to be the last virus aimed at Apple users, it has a mischievous old-world feel to it. As with PCs, an increasing number of the platform’s security concerns now revolve around exploiting specific software vulnerabilities rather than code that aims to spread mayhem as well as itself.
Add your commentComments
Wayne | Published: 13:21 GMT, 04 November 2009
"Therefore, it is correct to call OSX/Leap-A a virus or a worm." By defenition, it's a worm. Not a virus.
David | Published: 18:09 GMT, 13 October 2009
You need to do research Phil. Trojan horses do not contain any code to distribute or spread themselves, viruses and worms do. OSX/Leap-A is programmed to use the iChat instant messaging system to spread itself to other users. As such, it is comparable to an email or instant messaging worm on the Windows platform. Worms are a sub category of the group of malware known as viruses. Therefore, it is correct to call OSX/Leap-A a virus or a worm. It is not correct to call OSX/Leap-A a Trojan horse.
Phillip | Published: 18:58 GMT, 10 June 2009
It is irresponsible journalism to report this as a "virus" when it is clearly a Trojan. If you don't understand the fundamental difference between a Trojan and a virus perhaps you shouldn't be reporting on the subject. If you do understand the difference, then you are the worst type of "journalist" - the one who uses sensationalism instead of good research and good information to get people to read your material. Although this article was written a few months ago, it should be corrected. Thank you.