Sponsored By

'Macarena' Virus Targets Macs

Source code for the virus is now public. It hits both client and server editions of Mac OS X from 10.0.0 through the current version.

Gregg Keizer

November 3, 2006

2 Min Read

Source code for a Mac virus has gone public, a security company warned Friday, and although the original doesn't carry a malicious payload, more dangerous variants can be expected.

The virus, dubbed "OSX.Macarena" by Symantec, targets some, but not all, Mac OS X Mach-O executables. Mach-O is the format used by Apple Computer Inc.'s operating system for native executables, libraries, and object code. According to Symantec, OSX.Macarena, isn't designed to infect PowerPC Mach-O binaries, nor Universal binaries, those meant to run on both the PowerPC and Intel Mac platforms.

"Although methods of infecting Mach-O binaries have been publicly available for some time, this marks the first known fully functional Mach-O file infecter [sic] virus," Symantec noted in an alert to customers of its DeepSight threat network on Friday. "The source code for this virus is publicly available and as such it is possible that variants may be trivially developed to extend the viruses [sic] functionality."

The virus affects both client and server editions of Mac OS X from 10.0.0 through 10.4.8; the latter is the most current version of the Apple operating system.

The SANS Institute's Internet Storm Center (ISC) downplayed the significance of the Mac virus. "To be honest the virus is no big deal in itself. But it is yet another warning," wrote ISC analyst Swa Frantzen on the team's Web site.

"It is a warning to get anti-virus protection for those Macs, even if the shopkeeper told you do not need it, even if there are no viruses in the wild today, even if it's hard to buy it, and even if the vendors seem not to know what they talk about," Frantzen added.

Symantec has pegged OSX.Macarena with its lowest-possible threat rating.

About the Author(s)

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights