Apple responds to so-called Mac OS X Trojan report

“Apple has responded to reports that a Trojan Horse has been found in a bogus Microsoft Word 2004 demo. The company issued a statement, suggesting that the Trojan is not a significant threat as it does not propagate itself,” Karen Haslam reports for Macworld UK. “Apple said: ‘This is not a virus, does not propagate itself and has only been found on a peer to peer network. This is an example of the perils of seeking illegal software.'”

Full article here.

Related MacDailyNews articles:
Intego says Mac OS X Trojan AppleScript applet in the wild – May 12, 2004
Mac OS X so-called Trojan horse ‘exaggerated FUD to sell security software, a non-issue’ – April 10, 2004

28 Comments

  1. I tend to agree with them, but this STILL needs to be addressed. I won’t shed a bunch of tears over anyone who tries to get software for free who loses data in the process, but since it could be speard via email or other more benign methods, Apple should make it harder to run ANY AppleScript that erases your data without asking your permission (and allowing “power users” to disable the warnings).

  2. I have to disagree there. An Applescript only executes commands that the user himself/herself is privileged to do. Many people like me need this functionality.

    I say caveat user.

  3. “However, while this Trojan Horse is unable to propagate itself, it is the first example Mac-specific malicious software to emerge following the Concept Trojan Horse identified by Intego last month.”

    They write this stuff as if it’s never been done before. Even in the old OS 9 days there were AppleScript trojan horses on the Hotline boards. No one ever made a stink about those.

  4. The media seems desperate to find a weakness in MacOS X. A conspiracy theorist might wonder if they are being “encouraged” by M$.

    I would like to see an Apple ad campaign, “M$ Windows is beating MacOS X 70,000 to 1…in viruses, worms and trojans. Which operating system would you prefer?” I can see the beginning of the commercial with a big, white “M$ Windows Wins” and “70,000 to 1” floating larger on a black background. Then the words “viruses” and “worms” appear with specific names like blaster, etc. Maybe that’s too geekish to be effective, though.

  5. ” Apple should make it harder to run ANY AppleScript that erases your data without asking your permission”

    Now thats a liberal statement. Waaaa fix it so I cant break it, take care of me for free. Time for people to be responsible for their own actions, it deletes your home folder, not the system folders. Take inititive, and if you get a file from someone you don’t know, or about something you didn’t ask for, or the email isn’t signed. The don’t run it DUH. This is basic Email 101.

  6. Needs to be addressed? If that’s the case, then let’s disallow users from being able to delete or modify anything at all without the express permission of a qualified Apple technician – in every instance.

    Let’s be real. If someone is stupid enough to run this AND stupid enough to not regularly back-up their hard drive, then they’re doubly doomed. Darwin applies. Delete away.

  7. Too Geekish to be effective? That’s a Brilliant idea! I’d love to see someone work up a concept video for it, just for kicks. ” width=”19″ height=”19″ alt=”smile” style=”border:0;” />

  8. This is no different than downloading any other program and installing it. Even Photoshop and Office make changes to the directories.

    Anyone that thinks they are installing a legitimate software package is subject to malicious programs. Programs read, write, move, delete, and open things on the hard drive. You cannot stop this without preventing that and making the computer useless.

    The lesson here is, don’t install software you get from a legitimate source. Macupdate.com and other sites like it are great places to get software becuase everything is screened. Download something from an e-mail, peer-to-peer network or Joe Blow’s Software Waraz Site and you better beware.

  9. Way to go, Apple! Turn Intego’s marketing ploy into a marketing ploy for iTMS !!!! It’s PR judo.

    I hope more of these trojans show up on the P2Ps. One that would delete all of a user’s MP3s while leaving the MP4s intact would be just the ticket. Call it “iTMS paladin”.

  10. I agree with twilightmoon on this. What I’m saying is that Apple should make it harder for *anything* to mass delete data. Deleting a few files from directories is no big deal, but “rm -rf ~” is a big deal! No normal user would ever run that on the shell intentionally. Power users…..maybe. Most likely it would be used in a lab environment by an admin in some kind of script though. The point being, Apple should throw in extra safeties to keep this kind of thing from being possible for normal users. All that would be necessary is a “safety” of sorts. You can disable it manually if you like, but it’s on by default so normal users don’t ever have their home folder deleted for them by a script. Most people are smart enough to know not to drop their home folder in the trash, but most people don’t even know the terminal exists and certainly don’t know they could delete their entire home directory by running a single command without authentication.

    -Joel

  11. I have no sympathy for someone who screws up their computer trying to install illegal software and/or stupid enough to think that Microsoft has the ability to make an installer as slim as 108KB.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.