OSX.Leap.A: a near miss for Mac users

OSX.Leap.A: a near miss for Mac users

Summary: This week's "Mac virus" scare turned out to be nothing more than a worm for Mac OS X that propagates through iChat and infects local Mac applications.


apple-worm.jpgThis week's "Mac virus" scare turned out to be nothing more than a worm for Mac OS X that propagates through iChat and infects local Mac applications. OSX/Leap.A is a wake up call to Mac users that we're not immune to all the nasties floating around on the Web.

There was a story circulating this week that The First Virus For Mac OS X had arrived, but it turned out to only be a relatively innocuous worm embedded in a file called "latestpics.tgz" promising pictures of "MacOS X Leopard." The worm required the user to download, decompress and execute the file then enter their admin password to cause any damage.

The first rule of software downloads is obvious: never open a file or attachment from someone that you don't know. The second is that if it's too good to be true it probably is. If a download promises you screen shots of Mac OS 10.5 "Leopard" don't believe it (after all, why not just post the pics?) but never, ever enter your Mac OS X admin password to install something from an unknown source, especially if you downloaded it surreptitiously.

As the Mac's popularity begins to rise we shouldn't be smug about how the Mac's immune to virii and malware. The switch to a Unix-based OS and Intel processors give us more power than ever, but they also expose us to a whole new world of nastiness that we've been sheltered from before.

Mac users shouldn't get complacent about viruses on the Mac, it just invites an attack. As the Mac continues to gain traction in the market virus writers will increasingly be taking note. Don't rest on your laurels or smugly brag that the Mac OS is immune to viruses, it's only a matter of time.

More information on the OSX/Leap.A worm is available from Symantec, F-Secure, Sophos and McAfee.

Topic: Apple

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Oh so true!

    User ignorance can run the whole security thing off the rails. I think
    Apple, experienced users and Mac-based journalists should get the
    word out -- pronto and loud. The OS is very solid, but it just takes
    one naive user a second to enter his/her passwrord to open a
    tarball (or any compressed file) from a buddy. That would never be
    an issue to an INFORMED user. And that is the next job.
    • PowerMacs ROCK !!!

      That's all folks .
      I'm Ye, the MS SHILL .
  • There is no protection......

    Nothing is foolproof to a sufficiently talented fool.

    At least with a Mac/Linux/Unix you have to be naive enough to install the software. With windoze you can get viruses and worms, and they do not require this process to install as root.
  • Tempest in a teapot

    This "virus" is way overblown. One of the senior editors at Macworld has been trying for 12 hours to get this "virus" to work on his computer. He's actually had to call in some IT types to figure out why it won't run on his machine.

    This is nothing more than people desperately wanting to say that OS X is just as insecure as Windows. Look at the money trail. ten to one it leads back to one or more anti-virus software publishers.
  • OSX Is Not The Same As Windows!!

    I get tired of the "nobody writes viruses for macs cause nobody uses them" argument. There is an actual difference! OSX will not allow a normal user to edit system files which limits the ability of a virus to trash your system.

    Windows has a similar ability but it's all or nothing. You either are an administrator and have full access, or you aren't and you have very little access. Because of this, the only way to function normally on Windows is as an administrator which gives the user (and the virus) full access to the system.
    • You might not like it but it's very valid

      Re: "nobody writes viruses for macs cause nobody uses them"

      Re: "Windows has a similar ability but it's all or nothing.". Not
      exactly. Windows also has the power users group which falls in
      between administrator and a normal user.

      Re: "only way to function normally on Windows is as an
      administrator which gives the user (and the virus) full access to
      the system."

      This is the fault of the software developers and not Windows.
      • It's still differenlt

        On windows, a non admin user must log off and log on as an admin in order to install software. On OSX, a user can enter an admin password to make system changes. Even if the user is logged in as an admin on OSX, they still must re-enter their password to make system level changes.
  • For the record virii is not a word...

    In English the correct plural of virus is viruses. The excellent
    articles below explain why "virii" is just plain incorrect.

    The best article on this is from the Straight Dope, and addresses
    several improper plurals. (The article has a crazy title, but
    explains this issue well.)

    This one only addresses the plural of virus:

    And Wikipedia has an article:

    • Er...who really cares?

      That linuxmafia link indicates (to me) that some people simply DON'T have a life, or are really anal-rententive.

      As for the pluralism of "virus"...as far as I'm concerned if someone wants to use 'virii', fine by me. Considering how convoluted the English language is already, I don't give a rat's ass if it's 'virii' or 'viruses' (a word that linuxmafia says classically is as inappropriate as 'virii', if I think I understood the hyper-analysis gibberish on that site), or something entirely different just as long as I can figure out the meaning of the intent.

      Besides, as the English language is ever-morphing, if enough people use 'virii', then sooner or later that word will become the rule and not the error (remember 'threepeat'?), regardless of non-existent Latin roots, as if we latter-day humans haven't twisted Latin enough already with foolishly conceived "Latin-sounding" genus names and the like.
  • So..

    All the Anti-Virus companies are intrested in selling their software
    to the Mac users and no one buys them.

    So, they get scared.

    AV software checks only for the known viruses; which Macs
    (including the LEAP-whatever) do not have. So, what will their AV
    software contain? Just this LEAP-A.. stuff?
    S R
  • Oh my god a VIRUS!

    This is just silly, listen of course a mac can get a virus. Do
    people out there make them, sure there have been some in the
    past. But these articles that make it sound like we are open to as
    many threats as windows users are silly. There are more
    windows users so there are more windows virus's. I am a mac
    user, I have never had a problem, probably for the same reason I
    never had problems on a pc (well except for with spy ware but
    that went away when I stooped using IE) Don't open attachments
    and be careful what you look at online. I get annoyed by this
    doomsday style of writing lately "VIRUS ON THE MAC" "KARMA
    everything will be okay pc and mac wise...
    Jay Saenz
    • everything will be okay pc and mac wise?

      I work in an office with PC's fully protected with anti-virus, etc. We
      have to have a guy come in every few months to get the machines
      running again. I have been running Macs for 10 years and I have
      never had any trouble. PC's support IT people. There is a huge
      difference between the two platforms. Don't equate them.
      • Equality

        I love my MAC but if people really wanted to they could probably
        cause us just as much trouble with spyware, viruses etc... It
        would just take a lot more work because our OS is so much
        better. The point of my last entry was just to state that I think
        these papers are making a big deal about nothing. There have
        been other worms in the past for mac, and I am sure there will
        be more as our user base increases. But this front page of every
        website I go to flashing "Virus on mac" etc.... It's just bull... So
        sorry if I made it sound like they were equal, because as any Mac
        user knows they are not. At the same time, we must remember
        that if some one wants what you have on your pc or mac they
        will try and find a way to get it. Smart computing and a great os
        can help steer them away (towards windows users)
        Jay Saenz
  • Trust is only the first level. Ask MacNN

    The infected DID download the file from a site they trusted. What if
    we had come across this on ZDnet? No, we can all be "engineered"
    under the right circumstances. Our vigilence and protection must
    be layers deep and culminate with a good back-up scheme.
  • nomgjzk 53 knw

    grocjp,hkgbupxs33, fklhe.