Mac Virus - An Unfortunate
Reality
The Mac virus is a reality, unfortunately. As the
number of Mac users is continually growing, so will the number of virus
creators.
In April 2009, iBotNet caused a huge stir with
many calling
it the first real Macintosh virus.
But, this is definitely not the first attempt.
History of Mac Viruses
April 1994
INIT-29-B
This Mac virus alters applications, documents and
system files. It may also cause unexpected program failures or system
crashes. In other words, your Mac may function like a PC.
July 1995
Hypercard HC-9507
Infects HyperCard stacks only. Not systems
applications or files. It can spread to other running HyperCard stacks
and other randomly chosen stacks on the startup disk. The screen may
fade in and out, your Mac will shut down or lock up (ala Windoze) and
the word "pickle" may inadvertently appear in your text.
November 2006
OSX.Macarena
As harmless as the dance, this is a simple,
appending parasitic virus. It infects files in the current folder of
the infected computer. It is dubbed by Symantec as the "first known
fully functional Mach-O file infecter virus." Does not harm Macs
running on Power-PC.
The author apparently had some difficulty in
creating the virus as noted in the program, 'so many problems for so
little code.'
May 1998
AutoStart 9805 (aka "Hong Kong" virus)
This worm copies itself to other disk partitions
so that it becomes active on other disk partitions. It may overwrite
some data files with random gook. Infects Power-PC based systems. There
is an esasy fix - turn off CDROM autorun in QuickTime.
February 2006
OSX/Leap-A / OSX.Oomp
Internet worm spread through instant messaging via
iChat. Infects Power-PC based machines running Mac OS X. The file,
latestpics.tgz, masquerades as a jpeg image and sends itself to people
on your buddy list.
June 2008
AppleScript.THT
Trojan which disables security software, steals
passwords and even takes your picture using the MacBook or iMac's
built-in camera. It can also take screenshots of your desktop. This
virus is distributed as a supposed game or utility and exploits the
Remote Desktop Agent feature of Mac OSX versions 10.4 (Tiger) and 10.5
(Leopard). One infected, the creator is able to take complete control
over your Mac. Refrain from downloading these applications: AStht_v06
(3.1 MB application) or ASthtv05 (60 KB compiled AppleScript script).
November 2008
OSX.RSPlug.D
Trojan horse which contacts a remote server to
download installation files. It keeps the door open for future
installs. Previous versions (October 2007) installed DNSChanger which
routes the user through a malicious DNS server to phishing websites. It
posed as a codec on porn websites.
OSX.Lamzev.A / OSX.TrojanKit.Malez
Hacker tools that allow attackers to install
backdoors. But, a potential hacker must have physical access in order
to install the backdoor.
April 2009
OSX.Iservice and OSX.Iservice.B (iBotNet)
These Mac viruses are embedded in pirated copies
of iWork '09 and Adobe PhotoShop CS4 shared on the popular p2p torrent
network. Using different techniques to obtain the owner's password,
this is the first real attempt to create a Mac botnet to launch
denial-of-service attacks.
The Mac Virus Can Only Become More Prevalent
While Macintosh viruses are much more rare than their PC counterparts,
they will become more common in the future. The best thing to do is
protect your Mac with Mac-friendly antivirus software.
Return
from Mac Virus
back to Mac Security
|
