“A second Mac security threat has appeared. Security experts at Sophos have issued protection against this second Mac OS X worm, which is called ‘Inqtana-A,'” Macworld UK reports. “This worm spreads among Macs using a Bluetooth vulnerability (known as CAN-2005-1333), it appeared within days of the discovery of the Mac OS Leap-A Trojan last week. Once again, the threat isn’t critical. The Bluetooth flaw the worm exploits was addressed by Apple in mid-2005, when the company released a patch to protect against it. This means the worm is unlikely to spread successfully. Sophos warns that Mac users should keep their software up to date, applying Apple Security and OS updates as they are released.”
Full article here.
“F-Secure and Symantec have both called Inqtana a “proof-of-concept” worm, saying that it is just an example of a potential attack code, and probably won’t be any treat to users. Symantec Security Response director, Vincent Weafer, however, believes that this could be the beginning of a trend,’ TeleClick reports. ‘We have speculated that attackers would turn their attention to other platforms, and two back-to-back examples of malicious code targeting Macintosh OS X this week illustrates this emerging trend,’ Weafer warned.”
Full article here.
MacDailyNews Take: A proof-of-concept worm that is no threat to users and was patched in mid-2005 “could be the beginning of a trend?” Give us a break.
Advertisements:
• MacBook Pro. The first Mac notebook built upon Intel Core Duo with iLife ’06, Front Row and built-in iSight. Starting at $1999. Free shipping.
• iMac. Twice as amazing — Intel Core Duo, iLife ’06, Front Row media experience, Apple Remote, built-in iSight. Starting at $1299. Free shipping.
• iMac and MacBook Pro owners: Apple USB Modem. Easily connect to the Internet using dial-up service. Only $49.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
Related MacDailyNews articles:
OSX.Leap.A: a near miss for Mac users – February 18, 2006
Apple: ‘Leap-A’ not a virus; only accept files from vendors and Web sites that you know and trust – February 16, 2006
F-Secure and Symantec are working on creating a virus for Macs. That is what this really means.
‘We’ are awake and we do know OSX is not invulnerable. But for heavens sake only bother me when there is some real action… Nothing in all this is very momentous or very threatening. It has a long way to go before I would be fearful…
Mike wrote:
The point is that in it’s five years of existence, Mac OSX has seen it’s first two exploits this week.. Let’s put the arrogance aside, and learn to accept the fact that we will most likely be facing more sophisticated attacks in the near future.
Let’s clarify – it’s the first two exploits in the wild, not the “first” two exploits. There have been quite a few exploits discovered for MacOS X, and all have been patched by Apple (remember all the “Security Updates”?).
No operating system is perfect; everyone makes mistakes. It’s how you handle the mistakes that people look at. And Apple handles them superbly, while Microsoft … well … shall we say, has quite a ways to go.
MW: “much”, as in “The reporting of these ‘exploits’ count as much ado about nothing.”
Macaday says: “But for heavens sake only bother me when there is some real action…”
Who is bothering you? You are the one who is voluntarily posting comments on the subject..
All the article that I’ve read so far have clearly stated that these exploits are low-level thrreats and are affecting a minimal amount of users.
Hey, “Mike”– One of those frickin’ “exploits” was patched by Apple more than half a year ago!!!
Yaah, some exploit.
[Snore]
Symantec. McAfee. Legal terrorism in the United States.
Diana’s Head says “one of those frickin’ “exploits” was patched by Apple more than half a year ago!!!”
Yes, I’m well aware of that and I’m happy that Apple takes great efforts in keeping up-to-date security patches.. Again, I’m not comparing Apple to Microsoft and saying which is better….
The point is that of the enitre installed Mac base, there are over half that do not have the latest OS and updates installed.. So for millions of casual users it is still considered an exploit…
As the great late Johnny Guitar Watson would put it: I don’t even care!
What a coincidence, isn’t it? After the first worm appeared, a security vendor comes with another proof oc concept worm that is a java vulnerability in the first place and that was patched more than 6 months ago! What the heck, those guys do really think we are that stupid to fall for their commercial traps…
Run you Mac OS X sessions as a non-admin user (as it should be run, by the way) and nothing of the crap that gets to Windows users will affect you…
I don’t even care!
Who writes proof of concept malware?
Who writes trojans that do no damage, trojans that don’t turn a computer into a zombie spam server?
Who writes such a lame ass piece of malware for the Mac OS X first?
No kudos here for a hacker here. No script kiddies here.
The author is a Mac user with a very good knowledge of the OS. But why? Where is the financial gain? Where is the fame?
Who can gain from the world wide publicity that this malware generated?
Not Microsoft. No one will switch to Windows because the Mac is vulnerable. No Windows user will avoid switching to Mac because of Mac malware.
No, 2 pieces of benign Mac malware in one week is a coordinated effort.
There is no doubt in my mind that anti-virus software companies have seen the writing on the wall. Microsoft will bundle anti-virus software with Vista and all of these companies will be looking for customers elsewere shortly. Once the monopolist strikes again, millions of Mac users will make up some of the losses.
It’s easy to see who wrote the Mac’s new malware.
PPC, You should care, Panodra’s box has been opened.
Because Leap-A cannot–it’s for LAN only. And Inqtana sounds like like Bluetooth only.
So it all adds up to zero.
FSCK SYMANTEC SCARE TACTICS
Their software is full of exploits and runs as root!!
http://news.designtechnica.com/article9131.html
Sorry Mike, but it hasn’t. Really.
I cannot take those 2 worms seriously if the first one is a jpeg that asks for my permisision to be run… It’s like someone calling you home, telling you it is calling from the bank and asking for you password to do some administrivia…
The second one is an already patched java vulnerability…
None of those worms indicate some unknown flaw in the OS, so why should I care? Because they are being marketed by the vendors of anti-virus software and bozo journos that know nothing about OS X or Unix and want to make headlines to make everyone believe OS X is just as insecure as Windows?
Sorry, I have used Windows 3.1 and DOS 5 from 1991 until 95 when I switched to a Mac running System 7.5. Unfortunately, I have been forced to use Windows 95, 98 and NT at places I worked during those years and I sure am in the position to know who gets its virus! Let me put this clearly: I never ever got a single virus on the System days and, obviously, none also after updating to OS X some 3 years ago.
Now, I have seen several friends machines running Windows that had to be formatted due to virus, crashes and odd behaviour. Fortunately, most of my friends have switched after I told them what their computing life would be if they ran a Mac.
Even if a very clever virus writer discovers some vulnerability in OS X in the future, running OS X as a non-admin user (as it should be run) will protect you from that. OS X has been on the loose for 5 years and its BSD granddaddy far more than that, it is inherently secure. Period.
Cheers
Mike,
It’s not about having the latest OS but having the latest updates. Many of us can’t upgrade to OS10.4.4 because of various third party software applications. If we’re trying to err on the side of caution we should be accurate. All computers users Mac or Windows (shudder) should always have the latest OS updates. Anything less is just plain stupid.
For Mac novices it’s as easy as clicking on the Apple logo on the top left hand side of the screen and then “Software Update” (or just let your operating system check for you automatically). After this you decide what you want and what you need. If in doubt just download everything.
The reason these companies are releasing FUD is because they know they are begining to lose their bread and butter from Windows XP congregation that have begun to drink the apple koolaide. The windows economy will begin to decrease as apple doubles its market share this year. Less people to buy there crap. Apple is not just fighting Microcrap, but all the toliet paperwipers that support the flawed microcrap company and its economy. It will get worse as apple continues to increase in market share. More FUD. This is the price of success for Apple. When shorthorn is released apples stock will dive as shorthorn is preached as the salvation of Windows users then the truth will be spread by the Windows congregation and Windows will begin a 10 year decline that it will never recover from. Apple will gain 45 percent market share and linux 20 percent then microcrap will be a minority. And every body knows what americans do to minorities.
No! Symantec. I’m not buying your anti-virus software. I’ll leave it to Apple to patch the problem. Go find some Windows user to scare.
d:b
actually, if you have Windows up-to-date, you rarely if ever get a virus.
The same principle apply for both systems.
The prophet says:
“And every body knows what americans do to minorities.”
Take YOUR brand of FUD elsewhere, scum bag.
Plenty of bad news for Apple. Continuous, non-stop virus, malware, and trojan horse attacks with no end in site. Everyone predicted that with more systems sold and the switch to Intel that security was going to be a problem. Since almost no users run an anti-virus program on the Mac we can expect to see massive outbreaks and countless crashes of Apple computers everywhere. Any hope that Apple was going to make inroads back into schools or businesses has all but evaporated as all Mac users start looking for OS alternatives.
This looks to be a very good year for Linux and Windows. I expect a massive switch this year from Apple to Linux and Windows to get a fast and secure operating system that actually has applications you would want to run. To those with Apple stock — sell while you have the chance before the giant crash comes and you are left with a penny stock.
justified says: The prophet says:
“And every body knows what americans do to minorities.”
Take YOUR brand of FUD elsewhere, scum bag.
Now my young subject my phone rang and I was unable to finish my writing. I know continue: Everybody knows what americans do with minorities. They champion the underdog and the new OS wars begin. Return of the Sith. Heeeeehehehehe
Wow, Mac Realist, your definition of non-stop is whacked, your wife must be thrilled with her non-stop lovemaking.
If I’m a windows user and I see all this news about the first virus, which is later retracted so its back to zero, while “my” operating system is getting hundreds of attacks every month I’d start rethinking my choice in who I trust with my data.
F-Secure say that they discovered this threat, but it’s not in the wild.
But as it can only propagate via BlueTooth, it could only have travelled a few metres, say across the room.
Unless F-Secure are prepared to explain exactly where they discovered this Java code, my belief is that they developed it themselves.
Apple had already shown them the way in, when they announced the patch to shut that exploit. So nobody wanting to attack Macs would think that exploiting an already patched exploit is a good way forward.
The people that stand to gain from this are F-Secure themselves. By developing some trivial Java code to exploit a previous vulnerability, they can get themselves a great deal of free publicity.
On the face of it, the thought that security companies with an in-depth knowledge of OS X are involved in writing exploits of this nature is worrying, but I take comfort from the knowledge that the best they have been able to come up with so far has been a couple of feeble worms, which none of us will ever encounter. If that’s the best that the experts can devise, I don’t think that there’s too much to lose sleep over just yet.
The beginning of the end…
These are just warnings of the things to come.
We could hide only so long before the evil eye of Sauron found us.
Frodo anti-virus software coming soon!