Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: New OS X PoC virus - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New OS X PoC virus

There is again a Proof of Concept Virus for Mac OS X. To be honest the virus is no big deal in itself. But it is yet another warning for a lot of parties involved.

As we said before the ability to have viruses and all sorts of other malware is inherently available in all modern operating systems, Mac, Linux, BSD, ... included.

It is a warning to get antivirus protection for those Macs, even if the shopkeeper told you you do not need it, even if there are no viruses in the wild today, even if it's hard to buy it, and even if the antivirus vendors seem not to know what they talk about like in the image below (highlights are mine):


I'm sure it's just a template problem, but a problem nonetheless.

Yet, it is still your responsability to make sure you do not spread malware (even if you might not be vulnerable to it yourself).
And when (not if) a really bad one hits you or your company it's better to be ready and have a framework to distribute signatures ready than to have to start shopping, get a budget, get purchase to order it, roll it out, ... after you got hit. It is a lot easier to do before you get hit.

So Apple, Apple shopkeepers, antivirus vendors and Mac users, PLEASE get a decent framework in place and please be aware there is no magic shield preventing malware on a Mac (or any other modern platform).

P.S.:
- I writing this on my Mac, and I love my Macs.
- Thanks to Juha-Matti for pointing out the PoC.

--
Swa Frantzen -- Section 66
Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!