Researchers announced today an exploit for Macintosh OSX that could potentially expose thousands of computers to worm-like activity.

A blogger wrote that he created proof of concept code that opens Intel processor-powered Mac’s to exploitation. The code is suspected to act like a computer worm, infecting a host system and using it to spread to other vulnerable computers, said Dave Marcus, security researcher and communications manager for McAfee Avert Labs.

“From what (the blogger) has written, which was taken down, it’s very much worm-like,” Marcus said.

The development throws into question long-held beliefs that the operating system was not as susceptible to worm and virus problems as Personal Computers running Windows.

“There is a religious fervor about Macs,” said Marcus, “but we can say definitively that software is software and all applications and all operating systems are vulnerable and the potential for compromise exists.”

The exploit was originally posted on a blog called Information Security Sellout, said Marcus. The post, called “Oh Look. An Apple WORM.” was taken down shortly after it was posted. McAfee released the contents on their Avert Labs Blog Wednesday.

“With a few hours work I have put together a proof of concept worm that works on the Mac OS (Intel),” the post said.

The post also alludes to the possibility that the cracker was paid to create the exploit code.

Macintosh computers have not been the target of many virus and worm attacks compared to their PC counterparts. Marcus said this is merely because of numbers.

“You don’t see as much malware for Mac’s because less people run OSX and Apple than Windows, so they’re not as much as a target of interest at the end of the day because there’s so many more hosts running Windows,” Marcus said.

In February, 2006 Mac-targeting worms were discovered, but did not become widespread and had negligible effects on consumer systems.

About The Author

John Guilfoil is the editor-in-chief of Blast: Boston's Online Magazine and the Blast Magazine Network. He can be reached at [email protected]. Tweet @johnguilfoil.

Leave a Reply