Even if one were to go through all the steps and install it, it won't do any real damage..The only way you can get the Leap-A malware on your machine is if you take some action to put it there yourself. You might receive a file from a buddy in iChat, or download something from the Internet, or open an attachment to an e-mail message. The program code is presently hiding in what claims to be pictures of OS X 10.5, Apple’s next major OS X upgrade. To get Leap-A on your machine, you must (a) receive the file, which is compressed; (b) expand the archive; and (c) double-click what appears to be an image file to execute the code. You cannot get the malware by simply browsing the Internet, reading e-mail, or chatting with friends in iChat.
If one were unfortunate to have it "infect" your system, then all you have to do is a backup and a clean install. Nothing too terribly time consuming or complicated... surely nothing near as time-consuming or hassle ridden like trying to clear something off a Windows system.In its current incarnation, the code doesn’t really do anything malicious, such as deleting files, changing permissions, or moving around applications. However, due to a bug in its code, Leap-A will prevent infected applications from running. The only solution to this problem is to install clean copies of the original applications. So your data isn’t at risk, at least as of now.
Malware has existed for OS X for a long time. In fact, one of the last things an Apple technician is supposed to do as a test is fix problems caused by a malicious AppleScript. The difference between these and viruses is that viruses don't ask to be installed. To be affected by that thing, you have to download it yourself, then proceed to expand the compressed file and double-click the icon and enter your password (on a non-admin account). This is absolutely nothing new or threatening, unless someone is dumb enough to actually do all that.kaidomac said:
Or people could just have file extensions enabled so as to see what kind of files things really are. I know I do for the occasional website that messes up naming it compressed file downloads.technologist said:This is a tricky little thing, though. It resembles a JPEG closely enough to trick many people into running it.
Apple needs to add a warning to iChat, like the one in Safari, that notifies the user when an attachment is an archive that could contain an application.
How is a backup and clean install any different on a Windows system? Total fanboy comment.D3v1L80Y said:all you have to do is a backup and a clean install. Nothing too terribly time consuming or complicated... surely nothing near as time-consuming or hassle ridden like trying to clear something off a Windows system.
Gotta love the ignoring of everything else said in this thread.Avid6eek said:How is a backup and clean install any different on a Windows system? Total fanboy comment.
Yes that is a very good point but luckily Apple is very good about patches in a short about of time.Avid6eek said:Well, right now you got a world of hacks trying to find cracks to OSX to get it running on their PC, or trying to get Windows on a Mac. Now that these hacks are going through the operating system like never before, they are bound to find holes and exploit them.