Security threats Toolkit
Story: There's no worm in your Apple - honest
Posted by: Ptitboul (Tuesday 2 November 2004, 11:21 AM)
Some versions of Opener are worms, all are spyware.
The Opener/Worm replicates himself when a / partition of a distant machine is mounted (by an admin of the distant machine). It replicates himself by creating a /Library/StartupItems on the distant machine, and copying itself in this directory. This mode of propagation is very inefficient, and Opener/Worm should not be feared.
The security flaw used by Opener/Worm is the access rights on /Library, which by defaut is writable by the admin group. Apple should issue a security patch that corrects this flaw.
Full Talkback thread
Story: There's no worm in your Apple - honest
-
"Blighting" - one person has this malware installe... Anonymous -
"Apple Macintosh has denied that the malicious cod... Anonymous
-
If opener was PC malware, it would be classified a... Anonymous
-
You are of course right about the erroneous Macint... Matt Loney
-
If someone can sit down on your machine to install... jbelkin
-
No worries with Opener.
But the worst thing t... Anonymous -
It does not make sense to pay for and us... Dave Carmean -
So by Sophos' standards, if I try t... Graham Cluley
-
Yes. It is just a batch file.... nonono -
Opener is just a script that must... Anonymous
-
Thank's to the complete lack o... D W
-
The Anti-virus vendors classify it as a virus.
I'm... Anonymous
-
Antivirus company Sophos said: "Renepo is a worm,... Anonymous
-
If this is a virus, it's like the joke goes w... Terry Wilson
-
Facts:-
My apple doesn't get hammered wi... seanthemac
-
Well since Sophos representatives are already on r... no_thanks_sophos
-
Some versions of Opener are worms, all are spyware... Ptitboul -
"Symantec declared that Mac owners were protected... Walter Medea
-
Bullshit! just a buch of jerks try to beat the dru... Anonymous
-
grsisoft symantec and webroot are the big men now Anonymous
