PSA ________first MAC mp3 VIRUS..... be warned.

PSA _____first MAC mp3 VIRUS..... be warned.

From ]http://www.macintouch.com/] ]http://www.macintouch.com/[/url]

[14:40 EDT] Intego reports a nasty Trojan horse that runs on Mac OS X:

Intego, the Macintosh security specialist, has just released updated

virus definitions for Intego VirusBarrier to protect Mac users against

the first Trojan horse that affects Mac OS X. This Trojan horse,

MP3Concept (MP3Virus.Gen), exploits a weakness in Mac OS X where

applications can appear to be other types of files.

The Trojan horse's code is encapsulated in the ID3 tag of an MP3

(digital music) file. This code is in reality a hidden application that

can run on any Macintosh computer running Mac OS X.

Mac OS X displays the icon of the MP3 file, with an .mp3 extension,

rather than showing the file as an application, leading users to

believe that they can double-click the file to listen to it. But double

clicking the file launches the hidden code, which can damage or delete

files on computers running Mac OS X, then iTunes to play the music

contained in the file, to make users think that it is really an MP3

file . While the first versions of this Trojan horse that Intego has

isolated are benign, this technique opens the door to more serious

risks.

This Trojan horse has the potential to do any of the following:

• Delete all of a user's personal files

• Send an e-mail message containing a copy of itself to other users

• Infect other MP3, JPEG, GIF or QuickTime files

Due to the use of this technique, users can no longer safely

double-click MP3 files in Mac OS X. This same technique could be used

with JPEG and GIF files, though no such cases of infected graphic files

have yet been seen.

I call bullshit.

Edit: Maybe I should rephrase that. What I meant to say was it's going to be hard to pick this one up on your mac.. the executable code is located in the resource fork of the file, which will only stay intact in a file downloaded from the www or through a p2p program if that file is compressed in a .sit archive. So most people are not going to have to worry about it.

What's bullshit is that so many people are making a big deal over this.. just to say, "See, macs have viruses/security holes too!" Big deal.

Nice to see some mac heads on the boards.

thats your right to do. Can i ask why?

I bet bill gates wrote it... :crazy:

more info.

Not something I'd worry about very much.

i am still on OS9 at home, OSX at work. so this virus is nothing then, right? i don't feel like reading all the technical stuff on slashdot...

i love my mac.

so am i to understand:

files transffered with out the help of further compression, i.e. stuffed, will have the resource fork removed thus dissabling the .app cloak , thus not executing the code int eh ID3 tag?

Originally posted by slave_one

i love my mac.

ditto...once you go mac you never go back.

bust as for the news...Im not too worried about it. I dont DL much from the mac. good heads up though, I hadnt seen that news.