February 16, 2006
Reports emerge of Mac OS X trojan horse or worm
Posted Feb. 16, ’06, 10:26 AM PT by Cyrus Farivar
Category | Security
When I woke up this morning, it seemed that the impossible had happened. Since 2001, when OS X was first released, there have been zero reports of virii, worms, or other malware for the Mac. Early this morning, it was reported on the Ambrosia Software discussion boards of the first reports of a worm/trojan horse for OS X, disguised as a package of screenshots for OS X 10.5 Leopard.
Macworld.com News Editor Peter Cohen is on the case:
Reports indicate that someone has let loose a “trojan horse” or worm for Mac OS X users. The program is hidden within a package that purportedly contains screenshots of Apple’s as-yet unannounced next major revision to Mac OS X. Whether it’s a trojan horse or worm seems to vary depending on the source of the information.
The package, called “latestpics.tgz,” first surfaced recently on a Mac rumors Web site. Independently verified by Ambrosia Software president Andrew Welch, he’s dubbed it the “Oompa-Loompa Trojan,” because the files in question check for the presence of an attribute called “oompa” — an apparent reference to the movie and book “Charlie and the Chocolate Factory.”
Welch provides extensive details on the Ambrosia Software discussion forums.
When unpacked, the archive includes an application that resembles a JPEG file. When it’s clicked on, the file executes and attempts to propagate itself via the buddy list of Apple’s instant messaging software iChat.
Check in at Macworld’s News Page for further information later in the day as the story develops.
Recent Entries
About MacUser
MacUser is your source for news, info, and opinion about Apple, the Mac, and the iPod. Our dedicated team of bloggers covers everything that is relevant to Mac users — and, okay, some stuff that’s not quite relevant, but is still a lot of fun.
Subscribe/RSS
- Blog Posts
- Blog Comments
- Podcast (RSS) (iTunes)
Tip us off!
- Email: macuser [at] macuser [dot] com
Recent Comments 
- wesg on Happy Independence Day! (and nary a Jeff Goldblum in sight)
- Goobi on Skitch is updated. Skitch is awesome
- Donn on Microsoft offers iPods as search prize in Australia
- ssdfan on Solid state drives eat battery life, don't save it for later
- ssdfan on Solid state drives eat battery life, don't save it for later
- mark kren on Success! Firefox 3 sets world record for downloads
Categories
- Apple (187)
- Advertising (141)
- Events (217)
- Huh? (153)
- Humor (239)
- News (133)
- People (231)
- Rivals (353)
- Speculation (145)
- Steve Jobs (147)
- Stores (187)
- Apple TV (54)
- Business (394)
- Games (133)
- Geekery (423)
- Hardware (855)
- Accessories (59)
- Intel Macs (159)
- Ihnatko (18)
- Internet (398)
- Legal (201)
- MacUser (89)
- Money (156)
- Music (317)
- Podcasting (98)
- Photography (67)
- Security (217)
- Software (1415)
- Updates (488)
- Tips (338)
- Troubleshooting (173)
- Video (366)
- Windows (197)
- iPhone (180)
- iPod (561)
- iPod Accessories (89)
- iPod Software (57)
- iTunes (101)
- iTunes Store (395)
Archives
- July 2008 (26)
- June 2008 (171)
- May 2008 (185)
- April 2008 (234)
- March 2008 (217)
- February 2008 (215)
- January 2008 (239)
- December 2007 (169)
- November 2007 (164)
- October 2007 (187)
- September 2007 (167)
- August 2007 (195)
- July 2007 (152)
- June 2007 (223)
- May 2007 (243)
- April 2007 (286)
- March 2007 (288)
- February 2007 (250)
- January 2007 (266)
- December 2006 (244)
- November 2006 (293)
- October 2006 (307)
- September 2006 (250)
- August 2006 (268)
- July 2006 (288)
- June 2006 (293)
- May 2006 (297)
- April 2006 (351)
- March 2006 (366)
- February 2006 (110)
- January 2006 (107)
- December 2005 (23)
Mac Publishing Sites
Links
Leave a comment