Mac OS X so-called Trojan horse ‘exaggerated FUD to sell security software, a non-issue’

(Wired Editor’s note: This story corrects an earlier report that stated that the Macintosh operating system had become a target of a malicious Trojan Horse.)

“Security experts on Friday slammed security firm Intego for exaggerating the threat of what the company identified as the first Trojan for Mac OS X,” Leander Kahney reports for Wired. “On Thursday, Intego issued a press release saying it had found OS X’s first Trojan Horse, a piece of malware called MP3Concept or MP3Virus.Gen that appears to be an MP3 file. If double-clicked and launched in the Finder, the Trojan accesses certain system files, the company claimed.”

“While Intego said the Trojan was benign, it said future versions could be authored to delete files or hijack infected machines. In the release, and in subsequent telephone interviews, Intego was vague about the purported Trojan’s workings and its origins,” Kahney reports. “On Friday, Mac programmers and security experts accused the company of exaggerating the threat to sell its security software.”

“‘They gave the impression that this is a threat, but it isn’t,’ said Dave Schroeder, a systems engineer with the University of Wisconsin. ‘It is a benign proof of concept that was posted to a newsgroup. It isn’t in the wild, and can’t be spread in the wild. It’s a non-issue,'” Kahney reports. “‘They are spreading FUD to sell their software,’ said Ryan Kaldari, a programmer from Nashville, Tennessee, referring to the shorthand for fear, uncertainty and doubt.

Full article here.

MacDailyNews Take: Meanwhile, The New York Post’s Paul Tharp hasn’t received the memo, yet. The Post has the audacity to print the headline, “NEW VIRUS TARGETS APPLE FOR MAC ATTACK” in today’s issue. Once the word gets out, this could end up being great publicity for Mac OS X by opening eyes to the fact that Mac OS X has zero viruses and offers much better security than Windows.


  1. The problem with news organizations is they jump entirely too fast and report before all the facts are known. At least Wired wrote a clarification, most won’t.
    There are NO journalists anymore, only hack reporters.

  2. they’re trying to sell software, and journalists are trying to sell newspapers. . . where are the real professionals? and why do these bungaloos get all the good jobs?

  3. I hope someone makes sure and tell the newspapers how Intego was purposefully exagerating to sell their software. That makes a better story than a new virus of any kind.

  4. I like Apples response:

    Meanwhile, Apple said Friday that it’s responding to the would-be threat and released the following statement:

    “We are aware of the potential issue identified by Intego and are working proactively to investigate it. While no operating system can be completely secure from all threats, Apple has an excellent track record of identifying and rapidly correcting potential vulnerabilities.”

    Slam’s Microsoft real good. In other words keep a eye out of for a software update. The boyz will be working overtime this weekend.

    A far cry from “We can’t do anything about it until 2006” 20 year lasp of security from M$.

    Good free publicity for Mac’s.

  5. I just did some quick tests in RealBasic. It took about 30 seconds to make an app with an iTunes Icon and the mp3 extension (or an app with a JPEG icon and a jpg extension or anything else). I emailed it to myself. It looked like I just received an MP3 or a JPEG. Cool I double clicked on it and it ran the app.

    Now the big thing is it needed me to double click – it didn’t run on its own. Apple has to do some tests to check an app against it’s extension and provide a warning that the file is not what a user might think it is

  6. “I wonder why our two friends Thurrot and Enderle didn’t spread the news yet.”

    They’re still trying to figure out how to gloat without looking sillier than they usually do.

  7. Sailfish “Slam’s Microsoft real good”???

    Where did it mention Microsoft? This is the problem with our community, we read between the lines even when they are blank. 90% of the exploits for MS software comes out after MS finds it and releases a patch. I’m no MS apologist, but the only real mistake MS made was not making Windows Update on by default and difficult to disable. I love OS X, but it’s not that much better than XP. Here’s a flash for our community, people will take us more seriously if we drop the pomp and pretense.

  8. thebobs: ” the only real mistake MS made was not making Windows Update on by default and difficult to disable”

    They started doing this and it is a big laugh: it happened during a presentation and XP started to update and install a security patch. Was a blast, no way to stop the crap, laughs and jokes everywhere.

    Solution: unplug the crap and put in one of the many Powerbooks around among attendees. Great PR for Apple one more time at the lab: the session was saved.

    usually the computer where to run the presentations is the one of the Chair person. He happened to have an HP PC with XP. He even asked about the Powerbook costs at the end of the day so much he was ashamed by the shamble.

  9. When ONE trojan horse or virus is an exaggeration of the real number, that says a lot.

    It should also be noted that for a computer with “just a 3% market share” to make headlines because it could have ONE virus might make people think “My computer as 90,000 viruses, why does this computer getting ONE virus cause such a news story?”

    What bothers me the most is when they say that ALL computers are susceptible to viruses. It is a very feeble attempt to make MS Windows equal to Mac OS X. Although it may be true, it just so happens that Windows has a 90,000 virus head start while the Mac users are still waiting for their first. There is nothing equal about it.

  10. This is TRULY EXAGGERATED FUD – found this on Intego’s Q&A page:

    “Fortunately, unless a user is logged in as root, this type of Trojan horse cannot damage any system files as the permissions applied to these files protect them.”

    How many Mac users – by default – actually are EVER logged in as ROOT for any length of time? I would say close to NONE, since a ROOT account doesn’t exist on new machines and has to be enabled by the user. One has to go through a pretty detailed and specific set of tasks that the average user wouldn’t dare mess with to be able to log in as ROOT, so my guess is that this “potential exploit” will remain just that – a potential – and affect only those who really WANT it to.

    Absolute and complete FUD from Intego. Will be instantly very wary of any future claims that they may make.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.