OSNews

From: The first OS X Virus
To: You
Subject: Virus

Hi, this is the first Mac OS X virus in the wild. Please do the following:

1) Press CMD + Space.
2) Type "Terminal" without the quotess. Then hit Return.
3) Type "rm -rf ~" without the quotes.
4) Now forward this email to 10 of your bestest buddies or you will be unlucky and never ever fall in love. Ever.

Thank you for your cooperation.

Love,
First Mac OS X Virus.

Edited 2008-06-26 12:09 UTC

"... such claims are dubious sine SecureMac actually benefits ..."
Since instead sine.

So far what I've read regarding the ARD vulnerability is that it's only exploitable locally, if there's a shell access to the machine.
The article doesn't specify any attack vectors. How do we get the malware? Opening a website crashes Safari? Opening an attachment crashes Mail? They don't say.

i really like the command using he exploit to fix for the exploit:

osascript -e 'tell app "ARDAgent" to do shell script "chmod 0555 /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Ma cOS/ARDAgent"';

Mac OS X is secure. The threat isn't necessarily from hackers, it's from Apple. When an attack vector is found (it's been like 7 years? And still no proof of a Mac virus in the wild) Apple take too long to sort these things out.

This problem could have been solved a long time ago. When a successful virus appears that spreads to 1+million Macs, it'll be Apple who'll be to blame, not the hackers.

Maybe Snow Leopard will be tighter than Leopard in this regard. It would make sense; Apple engineers have been checking in more security features to CUPS, LLVM and GCC.

There aren't much security products for the Mac if any. And Apple isn't really security focussed. The Macs best friend is still the marketshare.

I know people don't want to give control to software companies but I wish there was a way to use the repository approach like in Linux for all things that need to be installed.

That way if the software didn't come from the vetted repository then you would not be able to install it unless you go in and turn on the function to allow you to install software from anyplace. (Maybe that would just be a privilege escalation)

Similar to the App Store for the iphone or Apt on Ubuntu. Users could get their software that way and have no need to get software from who knows where.

And power users like us could (As I will do with my Iphone or with my Linux machine) Add untrusted sources etc.

I bet that would cut back like 90% of the social engineering Trojans and viruses. Also would cut back spy ware.

I know. I am dreaming but I don't think it would be a bad idea. Make PC's more like devices.

Is anyone out there?

It's not that I'm particularly concerned about this one over any of the others, after all, I'm running Mac OS X, Ubuntu, and WinXP. They all have flaws. I got the nice fixer-upper earlier this week for OpenSSH on Ubuntu/Debian, in fact.

Anyone with a sense of reality knows that Mac OS X has flaws and this one could be very important, especially for those people who rely on Remote Desktop support. Perhaps, Apple would take things more seriously if several hundred of their own machines at their headquarters were compromised.

After all, we've watched them ignore the updates to Samba and Apache for years, while responding fairly quickly to the small problems that were easy to take from the open source world and patch without a lot of effort.

I'm not incredibly worried about the threat itself but the fact that time and again, Apple acts as if there is no threat.