MacOS Virus hidden in mp3 ID tag

S

Stratman

A friend of mine has just sent me this:-

Yip, some low life has created a OS X virus:
First Mac Trojan Horse Found

The Trojan Horse, MP3Concept (MP3Virus.gen) which affects Macintosh
computers running Mac OS X was identified by Intego. A Mac security
specialist, released a press notice explaining that the virus code is
encapsulated in the ID3 tag of an MP3 file. An MP3 file is a digital
audio file, but the Trojan horse is an executable file that just looks
like an MP3 file. When opened the file launches hidden code which can
damage or delete files. It also launches the iTunes application, so
that you think you've launched a real music file. It could also infect
other MP3 files. Intego further states that the first versions of this
virus are benign, (i.e. they will do no harm), but the doors are
opened
for more serious risks
Click to expand...

http://www.intego.com/news/pr40.html

Just a warning.
 
K

kurt wismer

Stratman said:
A friend of mine has just sent me this:-

Yip, some low life has created a OS X virus:



http://www.intego.com/news/pr40.html

Just a warning.
Click to expand...

the description is a little confused - they aren't careful about what
they're saying... the web page in question is much clearer...

in reality the suspect file is *NOT* an mp3 file and the part about the
ID3 tag in the above message is misleading... it's just an application
disguised as an mp3 (something we're all to familiar with in
alt.comp.virus and alt.comp.anti-virus as similar effects have been
employed in the windows world for some time now)... the disguise
happens to be very convincing as the file actually does contain music
(perhaps a self-extracting archive type of model?) and it launches a
music player (iTunes) to play that music, it's not just an icon/file
extension spoof...

true mp3 files are still as safe as they were before and are still not
'infectable' in the conventional sense (infection requires the host to
have executable content, something which is not part of the mp3
standard)... mac OS X has just enabled malware to appear as something
other than an application...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Win32/Agent.ONB Trojan virus built into an mp3 player rom 11
Macs seized by porn Trojan 2
Is My XP Virus Corrupted? 1
The Aftermath of the Deadly Win32/Sality Virus 1
W32.Spybot.Worm and fileshares 2
Essential PC Software (Updated 21st September 2017) 4
Rearranging the furniture: PWH and wiki 5
FWT Newsletter - Weekly - October 11, 2004 0

Top