“After a week of contemplation, Apple has announced that the ‘Opener’ malware program blighting OS X is not a virus – although the security community disagrees,” Dan Ilett reports for ZDNet UK. “Discovered a week ago, the Opener program
33 Comments
Reader Feedback
Apple Watch X likely to feature a major redesign
A next-generation Apple Watch, suspected to be the long-rumored Apple Watch X (ten) will use a new resin coated copper (RCC) motherboard…
Apple co-founder Steve Jobs spent ‘hour after hour’ on product design
Steve Jobs dedicated “hour after hour” to the minutiae of product design at Apple, driven by a belief of God being in the details,…
Apple Vision Pro killer app: Sports and concerts, totally immersive
So far, the killer apps for the Apple Vision Pro , besides watching movies and TV series, appear to be sports and concerts…
Apple TV+ debuts trailer for ‘The Big Cigar,’ new limited series starring André Holland as Black Panther leader Huey P. Newton
Apple TV+ on Wednesday revealed the trailer for “The Big Cigar,” the upcoming limited series led by André Holland, who stars alongside…
Apple’s forthcoming M4 Mac Studio Sounds like an absolute beast
Apple’s current Mac Studio delivers next-generation speed, but the next-gen M4-powered Mac Studio promises to deliver breathtaking power…
>>End sarcasm
sarcasm! on MDN?? WHAT IS THE WORLD COMING TO?
^^ LMAO – well in summary mode – this ‘virus’ can only work if u approve it by entering the admin password…so we are safe…
WTFDTM
Acorym buffs: have a field day. I continue to ignore your idiotic substitutions for actual words in an attempt to take lazy shortcuts to real communication.
Symantec declared that Mac owners were protected if they had kept their antivirus software up to date.” Ilett reports.
Sheesh people are acting like it’s an epidmic,
How many computers have been infected, I bet I count them on my hands.
Yes, what feeze said…
Let’s hear how many, or what percentage of Macs have been affected. Until then, I’m not going to worry…
Actually, in it’s present form, it is spyware.
We have made the big time. We finally have spyware, just like the big boys.
Hey, beryllium
What, exactly, is an “acorym” (to which you have such vehement objections)? Do you mean “acronym”? Man, if you’re going to be self-righteous, at least be RIGHT!
Well, we have all � as mac users � been saying that OSX is safe, and if this is the best that the underground can come up with, I have nothing to worry about. The only way this thing spreads is by the users’ own stupidity. Hell, anyone getting infected by this should have an honourable mention in the Darwin Awards.
they want us to have the same problems sooo bad….Hah…..ain’t going to happen….
Anti-virus software? I vaguely remember something called Norton Anti-Virus but since it would constantly crash my computer and disrupt the operation of other mission critical applications I deemed it malware and disposed of it. Since then my computer has been safe and stable.
The security companies have said that Opener is not in the wild and is not spreading so as far as I can tell it is another “proof of concept”, albeit a nasty one. I wonder who actually came up with this? Truth can be stranger than fiction.
So anyway, even if you class Opener as a virus, there are still no viruses in the wild for OS X. We should not be complacent though, one will come along someday. I think the Mac community will deal with it swiftly when it does however. Just be smart and don’t provide your admin password for suspect downloads and everyone should be fine.
This is a great article on why the Mac is more secure, and always will be:
http://daringfireball.net/2004/06/broken_windows
I’d have to say, I only partly agree with Apple over this. I agree that Opener is not a virus, but I’m not certain I would say it’s not a trojan. Given the proper incentive, a user could be trick into installing it on their machine, and once installed, it would attempt to spread to other machines the user has access to. Of course, no one has actually proved that it could spread, just that it tries to, but that said, if you were a system admin, that got tricked, you could compromise your entire network.
But seeing as the thing can’t spread across the internet, and requires administrator access, and user approval, I’d agree that calling it a virus is a bit much. And seeing as how no one created the ultimate program to trick users into installing it, it doesn’t technically qualify as a trojan either.
Though, since Mac users should be running antivirus software, just to aid in the protection of their PC brethren, then I’d rather have the antivirus companies monitor for it than not.
Installing expensive anti virus software because of this sorry excuse of a trojan/virus/whatever is like buckling up in a drive-in movie theater when a car chase starts on the screen.
Sorry, Symantec, no business here!
allgood2, if u are an admin and u get tricked! then you should be fired immediately!! what kind of fscking stupid admin is downloading shit from p2p services?? lol
anyway even then he would still have to enter his admin passowrd on every computer for it to work right?? or am I wrong?? I’m asking a question here i’m not sure if an admin can do it over a network?. But it’s funnie how these product companies have to tryin to force us to buy their products! they broadcast it on CNN like Osma Bin Laden had just bombed another place in the states or something. Truly SAD!
thanx 4 being so smart beyrllium. its so wrong 2 save time in a message post. :p
Theres also the Mallet virus that you guys haven’t heard about. Its very destructive and requires the user to repeatedly beat his mac with a heavy mallet. Keep an eye out for this one peeps.
I have the Renepo code. It is public. It is rather a rootkit, of the kind that always existed for Unix platform.
If I were the author and had been successful in tricking and admin of an OS X platform I would consider myself lucky if by the end of the week I had some 10 IP number for OS X machines where my Renepo had been able to spoof the root password from the first admin.
And I would have to log to the first machine in order to retrieve that info in that – currently(?!) Renepo does not call home.
Sure, it is a security threat, but it is more a threat of admin not having safe behavior rather than something else.
If you are not admin of your machine there is no way Renepo can work. If you want to protect yourself even from a Renepo used in a Trojan, just create a second account and give this last admin privileges. Then turn your primary account – your daily horse – into a regular account. There: you cannot now install Renepo even if a naked Britney begged you to.
Nope, it does not spread. The only thing it tries is to copy itself – IF – you have a mounted volume on another OS X machine AND you do that as admin of that machine. Then it copies itself in the System Startup Items and begins its spoofing and cracking (Joe the Ripper) if that machine is rebooted.
Otherwise, there is no other means of spreading (currently).
Symantec also reported on another virus which is at least as dangerous as Opener, if not more. It’s called OpenWindow. Basically a hacker gains access to your computer through a door in your home or business and chucks your computer out the window, often rendering it useless. Symantec is going to start selling a new protection system to deal with this particular virus, and they call it iChain. It is their first solution that is actually hardware as opposed to software.
ndelc…
OpenWindow? I love it!
Can this “opener” be contained within other programs… say, shareware programs?
If so, then the risk is significantly increased.
Sorry, I will not go out and buy virus software and bog down my Mac so I can help “protect my PC brethren”. I won’t purchase virus software until, or if, viruses actually start popping up for OS X.
That may sound cruel and a bit harsh, but hey, they decided to buy a piece of crap, they can deal with the problems that come with it.
glick, it is a regular bash script, using regular bash builtin commands that only do work if you have root level access. Otherwise: bzzz, does not work.
It is a script, it is a script, it is a script. Nothing more, nothing less.
Sure, you may put it in an installer that asks for admin password to install and it would copy Renepo in the System and Library location and issue a ./opener to launch it.
If the shareware programs asks to install itself then yes, it would be possible. But then again, what spread? you should be admin to other OS X platform for it to do any damage once it spoofs your password.
If you all think it as a Windows worm or virus with exponential growth then relax. It is a rootkit which at most drips to few hundred machines (if ever: it needs root account enabled) in a month worldwide if it was to be released.
Nothing more nothing less than regular Unix rootkits existing since tens of years.
So, as a final remark, yes, OS X is Unix. Someone just took the time to translate a bash rootkit script into one that would run under OS X environment.
Doh!
[WTFDTM]
Why The Fsck Don’t They ‘Mac’?
Am I close? Do I win a prize?
TTFN ” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
trying to make money off os x by pretending its swiss cheese..
for shame…