Mac Worm: Please Forward Me

[Peaches]

8 May 2009, 10:55

Mac worm: Please forward me

"Now the full source code of what has been advertised as the first bot for Mac OS X has been revealed, it should probably be regarded as the biggest non-starter in the history of Mac pests yet, or possibly an extremely belated April Fool's joke. As Sophos's Graham Cluley reports in his blog, unlike previously sighted Mac malware, the worm (called OSX/Tored-A) tries to spread by attempting to gather email addresses from the infected Mac's contact list and then forwarding itself to those addresses.

However, this process fails due to many bugs in the RealBasic code. If the worm has been sent to a user who is not on a Mac, the apparently Tunisian author of the worm copes with this by asking the user to copy it to a Mac. The worm contains the line

For Mac OS X! : (If you are not on Mac please transfer this mail to a Mac and

sorry for our fault:)

Symantec reported on the first apparent botnets based on Mac desktop computers earlier this year, when a trojan called OSX.IService, was found attached to allegedly cracked versions of iWork 09 and Photoshop CS4 made available on Bittorrent networks. An earlier botnet on Mac systems was found back in 2005, but this exploited a PHP vulnerability and it was probable that only servers rather than desktop systems were affected. "

Heise security for details - http://www.h-online.com/security/Mac-worm-...e--/news/113239

>>>>>>>>>>>