Filed under: Software, Apple, Security
CNN reports on Mac virus
Several people have emailed us to point out that CNN is featuring an AP story about the 'first Mac virus' on
their front page. It looks like CNN is a little late to the party, since the Mac web already reported about this way
back in February. Damien wrote that, 'The bottom line
is that this really seems to be a proof-of-concept trojan more than an actual "in the wild, self-propagating"
virus. So yeah, it's certainly very interesting, but I'm not about to start watching for the sky to fall.'The virus detailed in the CNN story is (though they never call it by name) Oompa-Loompa, as coined by Andrew Welch. You get this trojan (it isn't really a virus) by downloading a file that promises to give you a sneak peek at Leopard. You must then decompress the file, and then click on the resulting decompressed file. At that point an application runs that does a variety of things that Andrew details much better than I can.
I wonder what took the AP so long to sensationalize this little 'virus'?
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
patpro said 7:19AM on 5-01-2006
I would classify this kind of article into the "aggressive marketing and disinformation before Vista launch" category. I'm sure we'll see many like that from now, until Vista hit the shelves.
Reply
Russ said 7:30AM on 5-01-2006
I have three opinions about why it took AP so long to sensationalize this story.
1) They were using PC's and they were infected themselves so they finally got around to reporting aobut it.
2) Their PC's finally stopped crashing after downloading the 8th security update by Windows, but first everyone in their IT department had to verify every copy of Windows they had (you know to make sure they hade the Genuine Athentic symbol). So you can imagine that took quite awhile.
3) Along with AP, CNN and the other Major news organizations, since they never report the full story just some clip intented to sell their product of news, they saw that Apple was finally doing a good job in the market. So they said hmmm what is related to Apple but bad....oh I know what about that plague thingey....then someone who knew a little more where their a$$ and head were located suggested they call it a virus....and even then they got it wrong.
Any other options for what happened?
Reply
stefan crain said 8:43AM on 5-01-2006
that sounds about right.
Reply
Hawk said 8:50AM on 5-01-2006
You know, as a mac user who always goes online before installing a OS X update, I wouldn't make fun of PC users for having their computers borked by updates.
I've never had a thing happen to mine, but when some update comes out (which fixes vague and unexplained things in all parts of OS X), there are always scads of people who go "O M F G IT BROKED MY POWERBOOK APPLE SUX IM BUYING A DELL"
Maybe those people are FUD too?
Reply
Mark said 8:58AM on 5-01-2006
the only problem with that theory is that in general the media loves apple, which i'm sure is due in no small part to the fact that most creative professionals use macs.
Reply
Dan said 9:02AM on 5-01-2006
MSNBC Has a similar article. They call it a 'virus' as well, that you get by visiting websites. They don't even mention that you have to download and expand a zip file.
Here's the first two paragraphs (you don't even need to read the rest of the article):
Benjamin Daines was browsing the Web when he clicked on a series of links that promised pictures of an unreleased update to his computers operating system.
Instead, a window opened on the screen and strange commands ran as if the machine was under the control of someone or something else. Daines was the victim of a computer virus.
from: http://www.msnbc.msn.com/id/12537279/
Reply
UncleJerry said 9:02AM on 5-01-2006
Russ you stole all my thunder. :o)
That's exactly what I was thinking.
Reply
Chris Mt.P said 9:42AM on 5-01-2006
A slow news day.
Reply
Barry said 10:24AM on 5-01-2006
Kevin Mitnick was a guest host of Coast to Coast AM radio last night. He had his buddy Woz on as a special guest.
Anyway, Kevin reported that there was a virus for the Mac. I think Kevin is a bit behind the times, or the show was recorded a while back.
I suspect CNN picked up on this from that broadcast.
Reply
Jeremy Wright said 11:47AM on 5-01-2006
Once again, downplay this all you want, but 1 year ago y'all would have said it was impossible. Now you're just saying it's because of user stupidity.
And, note, the Open Source Vulnerability Database lists more than 80 vulnerabilities for OS X in 2005, nearly 4 times as many as in 2003.
Read the whole article. Yes, you're still safe as long as you play smart, but figure that real viruses for the Mac will be out in the next 3 years and you'll be looking back on this wondering why you didn't respond more strongly.
Y'all should be STORMING Apple's doors DEMANDING that they improve their security processes (note: the security researcher emailed Apple several times through January/Feb - and only published in April). Instead you're blathering about how the journalists are probably Windows users.
Reply
Jesse said 12:26PM on 5-01-2006
We all need to take this chance and educate all the mac users out there. OS X is not immune to viruses/worms/trojans. It is a man made piece of software and it has flaws. The more people say macs are immune to viruses, the more ammo places like CNN will have to spread propaganda against OS X.
Reply
Wry Cooter said 1:44PM on 5-01-2006
I think the reason they are just now reporting the story is that they learned about Oompa Loompa via spam from a high profile virus protection company, who recently updated their database to notice the code involved.
I got the spam last week, didn't you?
Of course, we had read about the trojan ourselves a few weeks back.
Reply
Chris said 1:43AM on 5-02-2006
You guys need to grow up, the only reason why we haven't seen viruses for OS X *yet* is because of a lack of installed user base, not because of a lack of available expliots. So when the "big one" finally hits, will Apple burry its head in the sand or will it own up to reality and deploy a patch half as fast as Microsoft has learned to do?
Reply
Rais said 6:25AM on 5-02-2006
You know, I used to be a hacker, and I also used to write some malicious code a LONG time ago, and quite frankly it was always FAR FAR more respectable when I would "hack" some "minority" Operating System that people thought was super secure than when I hacked whatever was the "Standard" of the day. Hacking/putting out a Windows virus is trivial at best, the prestige comes when you hack into or write code that is self-propagating and installs without the users knowledge on a system that people consider "immune"
Any virus writer or hacker worth hisher salt is totally focused on being the first to do this to the Mac.
Reply