Another proof-of-concept virus
The bad news is there’s another Mac OS X virus out there.  The good news is that, as usual, it really doesn’t seem to cause any problems. Dubbed a “proof-of-concept,” the “Macarena” virus seems to do nothing but replicate itself to all files in the folder it is run from.
Of course, simply by replicating itself, the virus (which only runs on Intel Macs) is using CPU, disk and memory resources, so that’s not good. Also, as we say in our book chapter on viruses, viruses usually aren’t well tested, so even if they don’t mean to do anything bad, often they do, due to bugs. That could well be the case with this one, so it’s definitely worth making sure your anti-virus definitions are up to date.
How does the virus get installed and run in the first place? At least one report says it has to come over from a copy of Windows that’s running on the same Mac (for instance through Apple’s Boot Camp). If this is true, it would be the first reported instance of such a platform-crossing (as opposed to cross-platform) virus. Beyond that, it could of course be sent as an email attachment, along with the appropriate verbage to trick users into opening it. But it doesn’t seem to do this itself.
One other piece of related bad news: the virus writer has made the virus source code available, so we may see copy-cats that actually do bad things in the future. The good news: the source code actually admits that the virus was very difficult to write for the Mac OS.
Wednesday, November 8, 2006