Monthly Archives: May 2012

I happen to have the ‘good fortune’ of having more than one Apple Fanboy amidst my network of associates and they are all downplaying the latest round of Flashback-based malware infections on the Mac as being ‘unusual’ and ‘nothing to worry about’ and they still insist that installing anti-malware software is pointless.  Same thing they have been telling me for just about a decade.

Contrary to what the Fanboys say, Mac OS X has been hit with viruses and worms in the past.  Flashback is not the first. Malware specifically targeting the Mac OS X platform starting appearing as early as 2004.  Apple computers have never been ‘immune’ to malware and spyware, contrary to Apple’s advertising, and Apple computers have been part of the earliest history of virus development, beginning with Elk Cloner which predates the first PC virus “Brain” by about 4 years.  Yes, owners of Apple products had to worry about viruses four years before PC users did…

Here’s the a small sample of the kinds of malware targeting Apple computers that I could dig up in a quiet evening at home from the web. This list of Apple Malware is far from complete:

  • 1982 – Mac Virus Elk Cloner (created by Richard Skrenta).  A boot sector virus attacks the Apple II.  This predates the first virus on Windows computers, so Apple computers got viruses before PC’s did. Dwindling market share protected the Apple computers–just wasn’t worth the hacker’s effort.
  • 1992 – INIT 1984 – Triggers on Friday the 13th on any computer running MacOS (pre-OS X)
  • 1994 – Mac Virus INIT-29-B  modifies system files and applications, crashes the early Macs.
  • 1995 – HyperCard Virus HC-9507 embeds itself in all HyperCard stacks.
  • 1987 – nVIR Virus. Spread by infected floppies.
  • 1988 – HyperCard viruses start appearing
  • 1990 – MDEF (Garfield) infected the operating system files.
  • 1998 – Hong Kong / AutoStart 9805 infects via the AutoPlay feature of QuickTime.
  • 1998 – Sevendust / 666
  • 2004 – OSX /Renepo (opener) script worm
  • 2006 – OSX/Leap-A (OSX.Oomp). First ‘official’ Mac OS X virus. Actively infects via iChat buddy lists.
  • 2006 – Inqtana worm and virus
  • 2006 – Macarena – Proof of Concept worm
  • 2007 – BadBunn; also OSX/RSPlug (DNS Changer) – Persisted till 2011 due largely to the myth that Macs are immune, so Mac users did not patch or protect their systems.
  • 2008 – MacSweeper scareware, Imunizator scareware
  • 2008 – AppleScript.THT that spreads via the Remote Desktop Agent feature by using a tunnel to hide  itself from the firewall and allow remote hackers complete access and control of the Mac.
  • 2008 – OSX.Lamzev.A – Opens a backdoor to allow hackers to control your Mac remotely
  • 2008 – OSX.Trojankit.Malez … Continue reading