Mac OS X Trojan Warning
Well its about time I guess... The first trojan for OS X has been released.
"Mac OS X displays the icon of the MP3 file, with an .mp3 extension, rather than showing the file as an application, leading users to believe that they can double-click the file to listen to it. But double clicking the file launches the hidden code, which can damage or delete files on computers running Mac OS X, then iTunes to play the music contained in the file, to make users think that it is really an MP3 file . While the first versions of this Trojan horse that Intego has isolated are benign, this technique opens the door to more serious risks."More info at Intego.comUpdate April 11/04:From Arstechnica comes this:
The proof-of-concept is exactly that: a demonstration that OS X can be vulnerable to some Trojan horses, and not much more. The file posted on the Usenet takes advantage of a beahvior that is a carry-over from the Macintosh's pre-Unix days: the file's creator code is evaluated before the extension when the file is opened from the Finder, while the Finder displays the icon associated with the extension. The file in question cannot be easily spread to other computers via P2P or e-mail unless compressed, as failure to compress it makes it inoperable.