Mac OSX Malware on the Loose

One of the myths of the Mac world is that it is impervious to malware attacks. The myth was almost true: Mac OS had never been much of a target for malware, which kept its record clean. Too bad this clean record has to be broken.

This is already days old, but better late than never.

Two new worms targeting users of Mac OSX version 10.4 have been discovered. OSX_LEAP.A spreads via iChat by sending a compressed file. The archive contains two files, one of which uses a JPEG icon. This is a classic social engineering technique. The user has to extract the files and open one of them for the malware to execute.

The other one, OSX_INQTANA.A, spreads via Bluetooth. It is proof-of-concept malware written in Java that exploits a vulnerability described here.

With Apple's transition from Motorola processors to Intel, analysts are predicting that more attacks will target the Mac and that security researchers will devote more time to it.

AV watchers will have observed that almost all AV vendors use almost the same names for the two pieces of Mac malware.

Symantec descriptions:
* OSX.Leap.A
* OSX.Inqtana.A

Sophos descriptions:
* OSX/Inqtana-A
* OSX/Leap-A