New Mac OS X malware - OSX_LAMZEV.A
Computer security company Trend Micro is reporting that a new Mac OS X malware application is making the rounds. The application, called OSX_LAMZEV.A, gives hackers a way to take control of infected Macs. This is the second report of Mac OS X malware this week.This is not a virus, and users must actually launch the app for it to install its payload. Once running, the app also asks which firewall port it can use. Trend Micro reports that "Mac users may be infected when they access remote websites hosting this backdoor. The backdoor may also be disguised as a legitimate application and may be installed and executed on systems."
Many Mac OS X-based malware seems to be similar in nature, requiring users to actually launch the installer and give it permission to install the payload. Unlike Windows-based malware, you shouldn't need to install any anti-malware apps to annoy you and slow down your Mac. Just make sure to follow the basic rules of Internet safety -- don't install applications that aren't legitimate or visit Web sites that you don't trust.
For more details, be sure to visit the Trend Micro Virus Encyclopedia.
Share
Computer security company Trend Micro is reporting that a new Mac OS X malware application is making the rounds. The application, called...
Add a Comment
@strey0123
LOL, I am in fact a Apple consumer and an OS X fan. Fact is, market share has an affect on which platforms malware writers target. Who would write malware for windows, even if it was easy, if Windows had 10% of the market? Much more effort would be put into targeting the OS most people use and thus where the real money is at.
Why don't you cool your hot head with a tall glass of kool-aid.
@Jesse,
Sorry, but the facts say otherwise. See the previous comment.
It's still a little disconcerting to find this on my system and have it come up and ask me if for the confirmation about running it... I just searched lamzev in spotlight and it came back with file in my cache from last night that implied it was downloaded via an engadget link when I visited their site last night... (I'm not saying I got it from there, because I could never prove it - but the url was theirs in the popup that came up)
November 22 2008 at 7:58 AM Report abuse Permalink rate up rate down ReplyWindows Malware/Viruses: Ninjas in the night come in through your many open windows, and steal everything without you knowing. They also kill your cat.
Mac Malware/Viruses: A man knocks on your door asking for a copy of your house keys, asking when you won't be home today, and if you wouldn't mind him being over. He assures you he is a good person.
In my opinion, an application that actually requires you to install it, asks which firewall port it can use, and doesn't attempt to hide its presence in the filesystem is not really malware..
The Windows malware situation is really bad because of the fact that many of the malicious spyware/virus applications exploit security holes in internet explorer (usually in the activeX layer), browser plugins, and other common apps/services so they can install themselves on to the system without user intervention ( "drive-by installation") other than perhaps visiting a rogue website.
Exactly. This is more like voluntary euthanasia.
November 22 2008 at 7:24 AM Report abuse Permalink rate up rate down ReplyIn which case, none of the top ten security threats to Windows machines are malware, either.
Mac users have a very skewed view of the Windows security threat scene. What they don't often realise is that very, very few pieces of Windows malware rely on security holes in Windows. Instead, they target the biggest security hole on any platform - the one between the user's ears.
Why? Simple - that hole can't be patched by Microsoft or anyone else.
My worry is that lots of newer and/or less wise Mac owners "believe the hype" that the Mac is immune to *all* forms of malware, and so take risks which they wouldn't on a less secure platform. If you really believe that there's no way you can make Mac malware, why would you bother about running that executable file "your friend" has just sent you...
Get use to it. Expect to see more maliciously crafted code targeting OS X and Mac users as time goes on and market share goes up.
November 21 2008 at 4:54 PM Report abuse Permalink rate up rate down ReplyMarket share is the strawman argument of the haters. This argument is irrelevant. Go home, troll.
November 22 2008 at 12:30 AM Report abuse Permalink rate up rate down ReplyYes, the market share argument is a straw man often trotted out by those who don't know what they're talking about.
The simple fact of the matter is, back in the pre-OS X days the Mac had *many* viruses and malware (hundreds of them) that were actually out in the wild and infecting machines. In the OS 9/8/7 days, most Mac users had anti-virus software installed. Norton Anti-Virus was one of the best selling software packages on the Mac. All of this when the Mac had a MUCH smaller market share of an overall much smaller market. This simple fact absolutely obliterates the "market share" straw man.
Many of my files are private and require no root access to distribute should an application decide it wants to upload all my data to some obscure location. Don't be fooled that just because it requires no authenticated access that it cannot cause damage.
November 21 2008 at 4:25 PM Report abuse Permalink rate up rate down ReplySo, if this works with firewire ports new Macbook owners need not worry, eh?
I finally understand why Apple would literally spend millions in R&D to later abandon a technology that they not only created, but is loved by users. It all makes sense.
I think you should re-read the article... specifically the 2nd paragraph. Firewire isn't even mentioned in passing here.
November 21 2008 at 4:07 PM Report abuse Permalink rate up rate down ReplyHaha... I misread firewall for firewire. I thought I was being funny, and now I just look like a jackass that can't read.
November 21 2008 at 4:13 PM Report abuse Permalink rate up rate down ReplyWow. So you basically have to give just about anything access to your comp to allow this, then provide a valid port. All it does is put a file or two in app bundles too, which can just be removed with a shell script.
Epic Fail.
Hmmm.... I'm getting a Mac and now hearing about this :S
Oh well - still gonna get one!
I don't think you read the article correctly. YOU HAVE TO MANUALLY INSTALL THIS MALWARE. This means that you shouldn't be concerned about it. That is unless you are beyond stupid, then you should be concerned.
November 21 2008 at 3:43 PM Report abuse Permalink rate up rate down ReplyI'll begin worrying as soon as you don't need to be completely computer illiterate to become infected.
November 21 2008 at 2:45 PM Report abuse Permalink rate up rate down ReplyHot Apps on TUAW
Deals of the Day
more deals- miFrame Picture Frame Dock for iPad for $64 + $8 s&h
- Refurb Apple iPod nano 8GB MP3 Player for $99 + free shipping, 16GB for $119
- Bling Diamond Snap-On Shell Case for iPhone 4 / 4S for $2 + $2 s&h
- Hannspree Apple-Shaped 28" 1080p LCD HDTV for $270 + free shipping
- Bracketron Stand with Headrest Mount for iPad 2 for $11 + free shipping
- Philips wOOx Alarm Clock Radio for Apple iPod / iPhone for $60 + free shipping
Software Updates
more updates- EFI Firmware Update brings Lion Internet Recovery to 2010-model Macs
- OS X Lion 10.7.3 released with Safari 5.1.3, Wi-Fi bug fix
- Aperture updated to 3.2.2, addresses Photo Stream issue
- Apple updates Keynote to address Lion issues
- Google Search app gets new look on iPad
- Apple releases Apple TV Software Update 4.4.3
Featured Stories
more stories
Popular Stories
TUAW (or The Unofficial Apple Weblog) is a website devoted to tips, reviews, news, analysis and opinion on everything Apple.
23 Comments