[ale] Mac OS/X trojan
Dow Hurst
dhurst at kennesaw.edu
Thu Apr 8 16:39:42 EDT 2004
INTEGO SECURITY ALERT
Intego Announces Protection against the First Mac OS X Trojan Horse:
MP3Concept
Paris, France: 4:15pm, April 8, 2004 * Intego, the Macintosh
security specialist, has just released updated virus definitions for
Intego VirusBarrier to protect Mac users against the first Trojan horse
that affects Mac OS X. This Trojan horse, MP3Concept
(MP3Virus.Gen), exploits a weakness in Mac OS X where applications
can appear to be other types of files.
The Trojan horse's code is encapsulated in the ID3 tag of an MP3 (digital
music) file. This code is in reality a hidden application that can run
on any Macintosh computer running Mac OS X.
Mac OS X displays the icon of the MP3 file, with an .mp3 extension,
rather than showing the file as an application, leading users to believe
that they can double-click the file to listen to it. But double clicking
the file launches the hidden code, which can damage or delete files on
computers running Mac OS X, then iTunes to play the music contained
in the file, to make users think that it is really an MP3 file . While
the first versions of this Trojan horse that Intego has isolated are
benign, this technique opens the door to more serious risks.
This Trojan horse has the potential to do any of the following:
- Delete all of a user's personal files
- Send an e-mail message containing a copy of itself to other users
- Infect other MP3, JPEG, GIF or QuickTime files
Due to the use of this technique, users can no longer safely double-click
MP3 files in Mac OS X. This same technique could be used with JPEG and
GIF files, though no such cases of infected graphic files have yet been
seen.
Intego VirusBarrier eradicates this Trojan horse, and Intego remains
diligent to ensure that VirusBarrier will also eradicate any future viruses
that may try to exploit this same technique. All Intego VirusBarrier
users should make sure that their virus definitions are up to date by
using the NetUpdate preference pane in the Mac OS X System Preferences.
About Intego
Intego develops and sells desktop Internet security and privacy software
for Macintosh.
Intego provides the widest range of software to protect users and their
Macs from the dangers of the Internet. Intego's multilingual software
and support repeatedly receives awards from Mac magazines, and protects
more than one million users in over 60 countries. Intego also offers
Windows and Palm OS versions of some of its software. Intego has
headquarters in the USA, France and Japan. For further information,
please visit www.intego.com.
As the dangers of the Internet grow, Intego is hard at work, developing
new software to protect users and their Macs from the latest security
and privacy threats. We protect your world.
--
__________________________________________________________
Dow Hurst Office: 770-499-3428 *
Systems Support Specialist Fax: 770-423-6744 *
1000 Chastain Rd. Bldg. 12 *
Chemistry Department SC428 Email: dhurst at kennesaw.edu *
Kennesaw State University Dow.Hurst at mindspring.com *
Kennesaw, GA 30144 *
************************************************************
This message (including any attachments) contains *
confidential information intended for a specific individual*
and purpose, and is protected by law. If you are not the *
intended recipient, you should delete this message and are *
hereby notified that any disclosure, copying, distribution *
of this message, or the taking of any action based on it, *
is strictly prohibited. *
************************************************************
More information about the Ale
mailing list