heavyLox Posted April 9, 2004 Share Posted April 9, 2004 PSA _____first MAC mp3 VIRUS..... be warned. From ]http://www.macintouch.com/] ]http://www.macintouch.com/[/url] [14:40 EDT] Intego reports a nasty Trojan horse that runs on Mac OS X: Intego, the Macintosh security specialist, has just released updated virus definitions for Intego VirusBarrier to protect Mac users against the first Trojan horse that affects Mac OS X. This Trojan horse, MP3Concept (MP3Virus.Gen), exploits a weakness in Mac OS X where applications can appear to be other types of files. The Trojan horse's code is encapsulated in the ID3 tag of an MP3 (digital music) file. This code is in reality a hidden application that can run on any Macintosh computer running Mac OS X. Mac OS X displays the icon of the MP3 file, with an .mp3 extension, rather than showing the file as an application, leading users to believe that they can double-click the file to listen to it. But double clicking the file launches the hidden code, which can damage or delete files on computers running Mac OS X, then iTunes to play the music contained in the file, to make users think that it is really an MP3 file . While the first versions of this Trojan horse that Intego has isolated are benign, this technique opens the door to more serious risks. This Trojan horse has the potential to do any of the following: • Delete all of a user's personal files • Send an e-mail message containing a copy of itself to other users • Infect other MP3, JPEG, GIF or QuickTime files Due to the use of this technique, users can no longer safely double-click MP3 files in Mac OS X. This same technique could be used with JPEG and GIF files, though no such cases of infected graphic files have yet been seen. Link to comment Share on other sites More sharing options...
Guest j Posted April 9, 2004 Share Posted April 9, 2004 I call bullshit. Edit: Maybe I should rephrase that. What I meant to say was it's going to be hard to pick this one up on your mac.. the executable code is located in the resource fork of the file, which will only stay intact in a file downloaded from the www or through a p2p program if that file is compressed in a .sit archive. So most people are not going to have to worry about it. What's bullshit is that so many people are making a big deal over this.. just to say, "See, macs have viruses/security holes too!" Big deal. Nice to see some mac heads on the boards. Link to comment Share on other sites More sharing options...
heavyLox Posted April 9, 2004 Author Share Posted April 9, 2004 thats your right to do. Can i ask why? Link to comment Share on other sites More sharing options...
villain Posted April 9, 2004 Share Posted April 9, 2004 I bet bill gates wrote it... :crazy: Link to comment Share on other sites More sharing options...
Guest j Posted April 9, 2004 Share Posted April 9, 2004 more info. Not something I'd worry about very much. Link to comment Share on other sites More sharing options...
slave_one Posted April 9, 2004 Share Posted April 9, 2004 i am still on OS9 at home, OSX at work. so this virus is nothing then, right? i don't feel like reading all the technical stuff on slashdot... i love my mac. Link to comment Share on other sites More sharing options...
heavyLox Posted April 9, 2004 Author Share Posted April 9, 2004 so am i to understand: files transffered with out the help of further compression, i.e. stuffed, will have the resource fork removed thus dissabling the .app cloak , thus not executing the code int eh ID3 tag? Link to comment Share on other sites More sharing options...
yoink Posted April 9, 2004 Share Posted April 9, 2004 Originally posted by slave_one i love my mac. ditto...once you go mac you never go back. bust as for the news...Im not too worried about it. I dont DL much from the mac. good heads up though, I hadnt seen that news. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.