Here's a dirty secret. I work for PC Advisor, and I own a Mac. Actually, I have a PC too. I may struggle with the luxuries (nice clothes, good food, a roof…) but I've got two computers. And some time ago I unhooked the PC from the web, choosing to use only my Mac to surf. Why? Instant freedom from malware and the constant effort to keep net nasties off my system. But such days are long gone.
Mac users have been smug about the security of their OS for too long, it seems. The perverse fact is that as the security and stability of OS X becomes more popular, net scum are increasingly going to go after it. See Mozilla Firefox for details. And early this week Symantec identified a proof-of-concept virus – OSX.Macarena (even the title's irritating) – which offers a "very low" level of risk. Very low, but a level of risk all the same.
The virus was identified on 2 November. Symantec described it as "a proof-of-concept virus that infects files in the current folder on the compromised computer".
So, as a US intelligence officer would love to describe a North Korean warhead: it exists, but it carries no payload. And (to continue the torturous similes) like a soon-to-be-dead male praying mantis, Macarena's only desire is to replicate itself. I thank you.
Once launched, the catchy rhythm of the Macarena infects every file in the same folder. But so far only 50 systems have fallen under its musical spell. "It won't replicate very well, because it is restricted to the current directory," explained Symantec's Peter Ferrie on his blog.
"If you have read the OSX/Leap paper from this year's Virus Bulletin conference, you will have seen some suggestions about possible infection methods. Those suggestions were all ignored by the virus author in this case. Instead, the virus writer has found a rather unexpected region of memory in which to place the code, along with a way to gain immediate control when an infected file is executed," he added.
So, nothing to worry about right now. But it's the thin end of the wedge. And it's a step closer to the day when I have to forgo my evening meal of thin gruel in order to shell out for security software. Linux, anyone?