jump to navigation

First Mac OS X Trojan found in the wild February 16, 2006

Posted by Brian in Uncategorized.

CNET News.com reports a malicious program that could be the first Trojan in the wild to target Apple Computer’s Mac OS X operating system has been discovered. The Trojan is spread through iChat.

Apple and outside analysts said the program, referred to as Leap-A, is not a “virus” per se. Rather, it “requires a user to download the application and execute the resulting file,” Apple said in a statement to CNET News.com. The company provided no further comment on the nature of the program.

The malicious software, which has also been dubbed OSX/Oompa-A and the Ooompa Loompa Trojan Horse by other security experts, appears to have spread minimally so far and has achieved low-level threat classifications from McAfee and Symantec…

…Classified as both a worm and a Trojan, Leap-A appears to have begun its movement earlier this week after it was posted at a forum for Mac-related rumors. The file appeared as an external link promising pre-release screenshots of the upcoming Mac OS X 10.5, also known as Leopard.

Leap-A, which appears to affect only the OS X 10.4 platform, spreads primarily via the Apple iChat instant-messaging program. The program forwards itself as a compressed file called “latestpics.tgz” to all the contacts on the infected user’s buddy list each time the program starts up.

However, it’s up to the user to actually accept the download and then try to open the file to activate the Trojan…and we Mac users know better than that, right? RIGHT?



No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: