I thought it would be useful to summarize all known existing Mac malware in one thread and keep it up to date as new malware is discovered or security updates released to address existing malware issues.
I define malware very broadly - anything that can compromise the Mac and is delivered or downloaded using any one of Apple's applications even if the user has to install and run it.
Excluded would be "social engineering type" malware like phishing attempts.
I think a thread like that would be most useful to newcomers to the Mac, but would also help veteran Mac users - right now the Mac malware discussion always seems to start in some thread that's totally unrelated to malware initially like this one for example:
Let me start by listing the five "malware" links that were posted in that thread just recently - perhaps people who are familiar with those "Mac threads" can comment on them and also post other known Mac malware.
You cannot be infected by this unless you do all of the following:
1) Are somehow sent (via email, iChat, etc.) or download the "latestpics.tgz" file
2) Double-click on the file to decompress it
3) Double-click on the resulting file to "open" it
...and then for non-Admin users, it fails to infect most applications.
You cannot simply "catch" the virus. Even if someone does send you the "latestpics.tgz" file, you cannot be infected unless you unarchive the file, and then open it.
A few important points
-- This should probably be classified as a Trojan, not a virus, because it doesn't self-propagate externally (though it could arguably be called a very non-virulent virus)
-- It does not exploit any security holes; rather it uses "social engineering" to get the user to launch it on their system
-- If you're not running as an admin user, it will silently fail to infect most applications
-- It doesn't actually do anything other than attempt to propagate itself via iChat, and then only via Bonjour! (aka "Rendezvous") -- it does not send itself over the Internet, rather just to your local Bonjour user list
-- It has a bug in the code that prevents it from working as intended, which has the side-effect of preventing infected applications from launching
-- It's not particularly sophisticated
--I'd really be tempted to call this thing a non-event; it's poorly written, can't spread beyond your local network, is unlikely to infect anything on most machines, and needs user interaction to do anything at all--
Fixed in Security Update: Not applicable, social engineering malware
OSX.RSPlug.A is malware best described as a Trojan horse. OSX.RSPlug.A disguises itself as a video codec that would ensure whatever porn video you just stumbled upon will play on your Mac.
But to get infected with the malware, you have to
1. accept the invitation to download "new version of codec,"
2. open up the .dmg (disk image) file,
3. click the installer.pkg file, and
4. enter your administrator's password
Once infected, the malware changes your DNS settings to hijack Web traffic and redirect it to phishing sites or ads for porn. And you still won't get to watch the video.
If you're running Tiger, you might never realize how you were infected, but Leopard's Advanced Network preferences will at least let you recognize that the DNS servers have been changed. You'll be unable to change them back without going through a lengthy process detailed by Macworld's Rob Griffiths.
Fixed in Security Update: Not applicable, social engineering malware
On 19 June 2008, security vendor SecureMac reported seeing new variants of AppleScript.THT Trojan horse in the wild affecting users of Mac OS X 10.4 and 10.5.
The new variations exploit a vulnerability within the Apple Remote Desktop Agent, and can avoid detection by opening ports in the firewall and turning off system logging. The new Trojans can log keystrokes, take screen shots, take pictures with the Apple iSight camera, and enable file sharing, according to SecureMac.
The Trojans are using an AppleScript called ASthtv05 and/or may be bundled as an application. You must download and execute the file for your Mac OS X system to become infected.
Fixed in Security Update: Not applicable, social engineering malware
When I looked at the first "malware" link that was posted, it goes back to Feb. 2006.
My question would be - was what was described then really correct (I have read over and over again that in many cases when Mac malware was initially reported it was only half the story) and secondly - is this "malware" (after it has been identified correctly) still a threat today, and (hopefully), perhaps someone knows which Security update eliminated the threat assuming it was there in the first place.
I really have no idea where the "sour grapes" comes from and don't really want an explanation.
But if you can contribute and post more Mac malware, or comment and update us on the five items listed above - please be my guest.
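The DNS change described for OSX.RSPlug.A above can also be checked from Terminal rather than the Network preferences pane. This is an added example, not part of the original thread: it lists the resolvers in `scutil --dns` output and reports any that are not on a list you expect; the `EXPECTED_DNS` addresses and the sample output are constructed placeholders.

```shell
#!/bin/sh
# Added example: flag DNS resolvers that are not on an expected list.
# EXPECTED_DNS and the sample text are constructed (documentation address ranges).
EXPECTED_DNS="192.0.2.53 192.0.2.54"

# Pull the unique nameserver addresses out of `scutil --dns`-style text on stdin.
list_nameservers() {
    awk '/nameserver\[[0-9]+\]/ { print $NF }' | sort -u
}

# Print each resolver found on stdin that is not in EXPECTED_DNS.
unexpected_nameservers() {
    list_nameservers | while read -r ns; do
        case " $EXPECTED_DNS " in
            *" $ns "*) ;;            # known resolver, ignore
            *) echo "$ns" ;;         # anything else deserves a look
        esac
    done
}

# Constructed sample in the layout `scutil --dns` prints.
sample_scutil_output() {
    cat <<'EOF'
DNS configuration

resolver #1
  nameserver[0] : 198.51.100.7
  nameserver[1] : 192.0.2.53
  if_index : 4 (en0)
EOF
}

check_sample() {
    sample_scutil_output | unexpected_nameservers
}

# Use live data on a Mac, otherwise fall back to the constructed sample.
if command -v scutil >/dev/null 2>&1; then
    scutil --dns | unexpected_nameservers
else
    check_sample
fi
```

Set `EXPECTED_DNS` to the resolvers your router or ISP actually hands out before trusting the result; an empty output means every configured resolver was on the list.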
Hahaha! All you fools on OS X! You have a grand total of 14 viruses! that can destroy your system and livelihoods! No, seriously, you've got like nothing to contend with... especially versus Windows' 114,000 viruses.
The only Mac OS Classic virus I've ever seen was one that played the Butcher's line from Diablo every time the computer would start up. Every time the desktop finished loading, a sound would go "Ahhhhhh... Fresh Meat". I still haven't discovered what it is...
I realise you are not responsible for the headline in that first "virus" report, but it's not really a virus. Neither is the second one. This should be noted.
So, while it's true there is malware out there for OS X, to date a brief summary of the available information might be:
There's really nothing out there you need concern yourself with. Don't install any packages that you don't know what they are and you'll be fine. No viruses, still. If they ever turn up, you'll hear about it from legit Mac news sources or this forum LONG before you have even a remote chance of suffering from it.
You have a grand total of 14 viruses! that can destroy your system and livelihoods! No, seriously, you've got like nothing to contend with... especially versus Windows' 114,000 viruses.
And that's just viruses - the Windoze universe went over the million mark a few months ago when it comes to trojans and malware that are in active circulation. Not only that, logging onto a web site or reading an e-mail can easily trash a Windoze system. OSX users are so retrograde, what, with the three Codec cum trojans in circulation, and a few obscure ways that specially written viruses can trash OSX through virtualizers like VMFusion. There is just not enough excitement for the OSX user in this regard.
And that's just viruses - the Windoze universe went over the million mark a few months ago when it comes to trojans and malware that are in active circulation. Not only that, logging onto a web site or reading an e-mail can easily trash a Windoze system
GOOD LORD!! Why do so many threads on this board wind up being about the "I hate Windows" soapbox. This is so tiring, honestly.
I totally get that this is a Mac site, and that lots of folks on it hate Windows, but do we have to keep hearing about it again and again? If you really hate Windows so much, then why are you renting it time in your head?
Could we please talk about something else?
Someone should start a sticky thread called I Hate Windoze, Bill Gates, and the Microsoft Evil Empire. Or, perhaps we could have an Everything I hate about Windoze, Eh? Subforum.
GOOD LORD!! Why do so many threads on this board wind up being about the "I hate Windows" soapbox. This is so tiring, honestly.
Where do you read "I hate Windows" in this thread?
All I see is a comment about how much exists for Windows compared to that "14 virus" number for the Mac which is just a joke.
Anyway - this is not intended to be an OS X vs Windows thread - all I want to do is to get the true story about each one of the OS X malware reports people dig up every time this subject comes up.
I'm interested in that and so are many newcomers to the Mac.
If you have something to contribute on that subject, please do - I will try to summarize everything relevant that's posted and keep updating the first post.