Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - New OS X PoC virus InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

New OS X PoC virus

Published: 2006-11-03
Last Updated: 2006-11-03 14:17:34 UTC
by Swa Frantzen (Version: 3)
0 comment(s)
There is again a Proof of Concept Virus for Mac OS X. To be honest the virus is no big deal in itself. But it is yet another warning for a lot of parties involved.

As we said before the ability to have viruses and all sorts of other malware is inherently available in all modern operating systems, Mac, Linux, BSD, ... included.

It is a warning to get antivirus protection for those Macs, even if the shopkeeper told you you do not need it, even if there are no viruses in the wild today, even if it's hard to buy it, and even if the antivirus vendors seem not to know what they talk about like in the image below (highlights are mine):

I'm sure it's just a template problem, but a problem nonetheless.

Yet, it is still your responsability to make sure you do not spread malware (even if you might not be vulnerable to it yourself).
And when (not if) a really bad one hits you or your company it's better to be ready and have a framework to distribute signatures ready than to have to start shopping, get a budget, get purchase to order it, roll it out, ... after you got hit. It is a lot easier to do before you get hit.

So Apple, Apple shopkeepers, antivirus vendors and Mac users, PLEASE get a decent framework in place and please be aware there is no magic shield preventing malware on a Mac (or any other modern platform).

- I writing this on my Mac, and I love my Macs.
- Thanks to Juha-Matti for pointing out the PoC.

  • We got some notes from readers questioning the validity of this post. It's real. Check it out here.
  • We know the screenshot above has been updated by the vendor in the mean time.

Swa Frantzen -- Section 66
0 comment(s)
Diary Archives