The Register 2004-10-25
One of the first pieces of malicious code targeting Apple's Mac OS X operating system has been discovered. The Mac OS X malware, dubbed Opener, is a rootkit for Mac OS X machines that contains a variety of destructive functionality including a keylogger and backdoor components.

Alert users when someone is connected or attempting to connect to their computer via a network connection. (Currently there is nothing included in OS X's GUI to indicate that such an event is occurring at all.)
Alert users when software is installing anything which constitutes an extension to the OS (from the user's view) such as StartupItems and LoginItems (and preferably ask whether the user wishes to allow the item to be "always" on).
Or perhaps confirm at restart or shutdown that new additions to StartupItems or LoginItems should be run at startup.
Enforce permissions on critical folders such as /Library/StartupItems so that third-party installers cannot leave a system vulnerable to this type of infestation.
A few small measures would have negated the threat of this script and thus all this hype as well. Perhaps Apple will take security more seriously now that the press has blown this completely out of proportion.
Link to this comment: http://www.securityfocus.com/comments/articles/9796/28850#28850
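The permission check the comment above asks for on /Library/StartupItems can be audited from a shell. The following is an added example, not part of the article or the comment; the function name `audit_startup_dir` is hypothetical, and it assumes the directory and everything in it should be owned by root and writable only by its owner.

```shell
#!/bin/sh
# Added example: audit a startup-items directory for loose permissions.
# Usage: audit_startup_dir DIR [OWNER]
# Prints one finding per line.
# Returns 0 if clean, 1 if there are findings, 2 if DIR does not exist.
audit_startup_dir() {
    dir=$1
    owner=${2:-root}    # assumption: startup items should belong to root

    [ -d "$dir" ] || { echo "missing: $dir"; return 2; }

    findings=$(
        # The directory itself or anything below it that group or other
        # can write to. Symlinks are skipped: their own mode bits are not
        # meaningful.
        find "$dir" \( -perm -020 -o -perm -002 \) ! -type l \
            -exec echo "writable-by-non-owner:" {} \;
        # Anything not owned by the expected account (name or numeric uid).
        find "$dir" ! -user "$owner" ! -type l \
            -exec echo "unexpected-owner:" {} \;
    )

    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Run against the directory named in the comment when it exists.
if [ -d /Library/StartupItems ]; then
    audit_startup_dir /Library/StartupItems root || true
fi
```

A non-zero return with `writable-by-non-owner:` lines means an unprivileged installer or script could drop an item that runs at the next boot.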