Worm Demonstrates Apple PCs Susceptible to Malware Too

A security researcher who would not reveal his identity said he has created a worm that could deliver a harmful payload to a Mac OS X system despite it being fully patched.

According to a note put up on the Information Security Sellout (ISS) blog, the worm demonstrates that Apple computer systems are also vulnerable to malicious software just like PCs running Windows.

A team of anonymous researchers under the name 'Infosec Sellout' has written the blog. The researchers said they designed the worm at the request of a client. Further, they would not publish any proof-of-concept or associated details. The researcher also assured that the client would not use the malware for any criminal reasons.

The original post of July 15, 2007 on the ISS blog, which was soon erased, said the author wrote it for some reasons of his own although it would prove to those (Joanna) who requested him to go about with the job. And of course he was being paid for the work. Theregister.com published this on July 19, 2007.

However, noted security researcher Joanna Rutkowska said she didn't know Infosec Sellout and insisted she did not pay anyone to create worms.

The author plans to eventually notify Apple about the bug. The author's worm apparently would exploit the vulnerability lying in MDNSResponder networking feature of Mac OS X. The author says, on exploiting the security hole, the worm could execute code at the core level of software so that a hacker could plant malware on the infected system.

The researchers wrote that although the worm is nothing unique compared to malware on PCs running Windows software, it certainly proves Apple computers' vulnerability to malware just like that of Windows-based computers. Vnunet.com published this in news on July 18, 2007.

Attempts to prove a point like this happened earlier too.

A virus targeting Apple's iChat software first arrived in February 2006 following which, another one appeared for OS X's Bluetooth application. Nine months after that, a third virus, called OSX.Macarena, was discovered. All these viruses could only record up to 50 infections, while there was no report of malware installation.

Related article: Worm Spreads With Random Subject Lines

» SPAMfighter News - 8/3/2007