TechWorld.com - Apple Computer Inc.'s Mac OS X software has been hit by a mischievous instant messaging virus -- the first ever to target the operating system.
The virus, dubbed Leap-A by antivirus company Sophos PLC, apparently spreads using Apple's iChat IM service, forwarding itself as a file called "latestpics.tgz" to an infected user's buddy contacts, according to information from U.K.-based Sophos.
Clicking on the file allows the malware to install and disguise itself as a harmless-seeming .jpeg icon.
Leap-A is believed to have originally been posted on a Web site for Apple users, posing as a software update. Although the virus is benign and is not believed to be spreading in large numbers, it still marks a minor landmark for a system that has come to be seen in some quarters as immune to such mundane security issues.
"It's probably been written for publicity or as a proof-of-concept," said Graham Cluley, an analyst at Sophos. "Some owners of Mac computers have held the belief that Mac OS X is incapable of harboring computer viruses, but Leap-A will leave them shell-shocked, as it shows that the malware threat on Mac OS X is real," he said.
Cluley said that some Apple users were claiming that Leap-A was somehow not a real virus because it required the victim to click on the link, an objection he branded as ridiculous. Many PC viruses needed user interaction to set off infection, he pointed out, and this one is no different.
Despite being aimed at Apple users, the virus follows broader trends in attempting to spread through instant messaging, the new application target of choice. This is seen as a less protected channel and therefore a point of vulnerability.
Although this is unlikely to be the last virus aimed at Apple users, it has a mischievous old-world feel to it. As with PCs, an increasing number of the platform's security concerns now revolve around exploiting specific software vulnerabilities rather than code that aims to spread mayhem as well as itself.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
