Page 1 of 3 123 LastLast
Results 1 to 15 of 39
  1. #1

    Murlyn's Avatar
    Member Since
    Jun 11, 2003
    Location
    Mount Vernon, WA
    Posts
    4,915
    Specs:
    MacBook Pro 2.6 GHz Core 2 Duo 4GB RAM OS 10.5.2
    Post Intego warns of first Mac OS X Trojan Horse
    Source: MacMinute.com

    Intego warns of first Mac OS X Trojan Horse
    April 8, 2004 - 15:25 EDT Mac security specialist Intego has issued a security warning alerting users of the first Trojan horse to affect Mac OS X. According to the company, this Trojan horse, MP3Concept (MP3Virus.Gen), exploits a weakness in Mac OS X where applications can appear to be other types of files. It has the potential to delete all of a user's personal files; send an e-mail message containing a copy of itself to other users; and infect other MP3, JPEG, GIF or QuickTime files.

    My Comments: Yeouch! Im wondering how true this is. I am having a hard time getting onto Intego's site, but wow.. talk about unexpected at least to me that is I knew eventually, but I didn't think this soon! Ok still a bit shocked *hehe* Ok got onto the site.. sounda quite interesting.. hmm...

    You know.. you wonder if any of these virus companies create viruses so people will use their software? Just a thought..

  2. #2

    rman's Avatar
    Member Since
    Dec 24, 2002
    Location
    Los Angeles, California
    Posts
    12,584
    Specs:
    2 x 3.0GHz Quad-Core, 6GB OS X 10.6.8 | 15in MacBook Pro 2.2GHz OS X 10.6.8 | 64GB iPad 2 WiFi
    Cool
    What I find interesting is this statement from Intego
    Quote Originally Posted by Intego
    Intego said it has released updated virus definitions for Intego VirusBarrier that protect against this threat.
    Now I am not saying it is not possible, but a company that sell virus protection find the virus.
    Life isn't about waiting for the storm to pass, It's about learning to dance in the rain!

  3. #3

    witeshark's Avatar
    Member Since
    Mar 09, 2004
    Location
    Miami FL
    Posts
    2,860
    Specs:
    G4 1Ghz OS X 10.4.7
    I also wonder how this trojan horse can execute without permissions... More research seems to point to this as a worthless hoax. :rolleyes:

  4. #4

    rman's Avatar
    Member Since
    Dec 24, 2002
    Location
    Los Angeles, California
    Posts
    12,584
    Specs:
    2 x 3.0GHz Quad-Core, 6GB OS X 10.6.8 | 15in MacBook Pro 2.2GHz OS X 10.6.8 | 64GB iPad 2 WiFi
    Cool
    Think of it like a wrapper. You receive this mp3 tune. You double click it to activate iTunes, but in this case. You are activating an application. Inside of this wrapped application is a audio file and the destructive code. The wrapped application does what ever it is designed to do, and then starts up the the iTunes application in order to play the audio file. You as the end-user give the application permission to run when you double click it. The application does what is does the damage to the system if that is what it is suppose to do and play the audio file. You as the end-user know nothing of what has happen except the audio file is played.
    Life isn't about waiting for the storm to pass, It's about learning to dance in the rain!

  5. #5

    witeshark's Avatar
    Member Since
    Mar 09, 2004
    Location
    Miami FL
    Posts
    2,860
    Specs:
    G4 1Ghz OS X 10.4.7
    So far there is precious little evidence that it exists. Nothing in the Norton site or Google It's beginning to really appear to be a hoax!

  6. #6
    TylerMoney
    Guest
    well, who knows. there has got to be a virus for mac out there somewhere I imagine. though, it isn't effecting me, or many others.....we'll see what happens I guess. If it turns out to be a hoax...wow....it'll be really funny.

  7. #7

    witeshark's Avatar
    Member Since
    Mar 09, 2004
    Location
    Miami FL
    Posts
    2,860
    Specs:
    G4 1Ghz OS X 10.4.7
    Intego was very fast replying to my e-mail that I think it's a hoax. I still think it is :p

  8. #8

    witeshark's Avatar
    Member Since
    Mar 09, 2004
    Location
    Miami FL
    Posts
    2,860
    Specs:
    G4 1Ghz OS X 10.4.7
    Because the code is written as a "Carbon" application, it does not need to
    have the .app extension in order to run, only to have it's hidden file type
    set to APPL. Carbon applications can run in either Mac OS X or the classic
    Mac OS. The suffix of .mp3 is then just seen as part of the filename rather
    than a denotation of file type.

    When the infected file is launched by double-clicking, or opening, with the
    Mac's Finder, the virus code will begin to run. First it attempts to launch
    your iTunes application and load the MP3 file as a data file so that it will
    appear to be playing as though nothing is wrong. Since the virus code is
    hidden in the ID3 tags, the audio portion will play as normal. The virus
    then continues to run, infecting other MP3 files within the same folder, and
    attempts to access some of the CoreServices components of the operating
    system. It does not appear to

    The current virus that has been found only infects MP3 files. But the
    concept used in this virus could be used to create variants that work with
    other file types as well. Any data file type that allows for a notation
    field to be embedded into the file, such as the ID3 tag that is used for
    this purpose in the infected MP3 files, could be targeted as another carrier
    for future viruses. While there is not a currently known virus that uses
    image files as the transport, it is unfortunately a small step for a virus
    writer to modify the current MP3Concept Trojan horse to use another file
    type as it's transport method. This is why our virus definitions have been
    engineered to look for this type of code outside of just MP3 files as a
    measure of preparedness.
    This came from Intego. What do you all think? I think it's suspicious and not a true threat

  9. #9
    TylerMoney
    Guest
    this could get ugly :eek:

    but I'm looking forward to the outcome :rolleyes:

  10. #10

    witeshark's Avatar
    Member Since
    Mar 09, 2004
    Location
    Miami FL
    Posts
    2,860
    Specs:
    G4 1Ghz OS X 10.4.7
    Heh - I don't think it's squat it's garbage, think permissions. Period

  11. #11


    Member Since
    Dec 28, 2003
    Location
    Long Island, NY
    Posts
    911
    Specs:
    15" MacBook Pro & 23" ACD
    They must not be making to much money from Virus Barrier if they are so deparate that they need to find a threat!(or in this case, maybe they even created it....I mean Norton or Mcafee hasn't said anything about it..) :eek:

  12. #12
    KLank
    Guest
    Well, reading through the initial link from Murlyn it did sound to me like they wrote the concept worm. Granted to damage the SYSTEM it would need to prompt for permission, but most users would blindly type thier passwords. But even if they didn't YOU have permissions to delete your files. So this could destroy your DATA which could be far more valuable then the time it would take to fix or rebuild your OS.

    Just food for thought.

  13. #13

    rman's Avatar
    Member Since
    Dec 24, 2002
    Location
    Los Angeles, California
    Posts
    12,584
    Specs:
    2 x 3.0GHz Quad-Core, 6GB OS X 10.6.8 | 15in MacBook Pro 2.2GHz OS X 10.6.8 | 64GB iPad 2 WiFi
    Cool
    KLank, I think your personal data would be more in peril, than the system files. As you stated you would need to enter a pass word for removal system files. Whereas personal file you have permission to remove then. So the question is what files would a stranger want to delete that would hurt you. I think the most damage that can be don't is to the user id that is currently logged in.
    Life isn't about waiting for the storm to pass, It's about learning to dance in the rain!

  14. #14
    KLank
    Guest
    That's exactly what I was saying. It can delete the users personal data which many times can be the most important. If it wipes out the users home directory that could be a BIG problem for some people.

  15. #15

    witeshark's Avatar
    Member Since
    Mar 09, 2004
    Location
    Miami FL
    Posts
    2,860
    Specs:
    G4 1Ghz OS X 10.4.7
    The more I look into it, the more it appears to be a hoax. I'm not at all concerned :p

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Trojan Horse
    By Trefoil in forum OS X - Operating System
    Replies: 7
    Last Post: 02-27-2012, 06:35 AM
  2. Trojan horse??
    By dthehwang in forum OS X - Operating System
    Replies: 5
    Last Post: 04-16-2011, 09:23 AM
  3. Security alert: New Trojan Horse apps said to attack the Mac
    By schweb in forum Apple Rumors and Reports
    Replies: 30
    Last Post: 10-29-2010, 09:58 PM
  4. Trojan Horse or Malware or something
    By Maxy in forum OS X - Operating System
    Replies: 5
    Last Post: 05-07-2010, 08:13 PM
  5. Mac Trojan Horse found in pirated copies of iWork '09
    By cwa107 in forum Apple Rumors and Reports
    Replies: 33
    Last Post: 02-24-2009, 07:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •