X
Business

OS X users celebrate first wild worm

If you use OS X (I do), you should greet with glee and joy this week's announcement that security experts have identified the first example of an OS X worm in the wild.  After all, this shows that OS X is finally getting enough mind share that malware writers are taking note.
Written by Phil Windley, Contributor

If you use OS X (I do), you should greet with glee and joy this week's announcement that security experts have identified the first example of an OS X worm in the wild.  After all, this shows that OS X is finally getting enough mind share that malware writers are taking note.  What's more, OS X appears to be holding it's own. 

The worm shows up when you receive an IM message inviting you to download screenshots of Apple's latest version of OS X (Leopard).  When you click on the link, the software is downloaded, installed, and then invites everyone on your buddy list to download a copy.  

At least that's the abbreviated version that you're likely to see reported in the media.  OS X is doing a good job of warning users of danger In fact, there's some important detail that's missing in that the scenario.  When you click on the link, you'll be warned that the download contains an application.  If you ignore that warning and move forward, the file is stored on your computer.  You have to click on it to activate it.  Of course, you want to see the pictures, so you click.  When you do, the application will ask you to type in the computer's administrator password.  If you do that, then it will install and replicate itself. 

I had a conversation with a friend not too long ago where I mentioned I'd never had a virus on any computer I used, even Windows.  He was shocked and asked what virus protection program I used.  He was even more shocked when I said "none."  Part of that is luck, but a large part of it is because most malware, especially on {Li,U}nix-based systems, requires the user's help.  Like most things in life, knowing where the danger lies and knowing the warning signs are the most important steps you can take in protecting yourself.  No virus program can protect you if you're careless.

With this worm, the user gets two chances to sense that something is wrong: images aren't applications and images don't need the administrator's password to be displayed. OS X gets points for this.   The news isn't that OS X is vulnerable; any OS is vulnerable.  The story is that OS X is doing a good job of warning users of danger.  

Editorial standards