Sophos Discovers First Ever Virus For Mac OS X

Experts at SophosLabs, Sophos’s global network of virus, spyware and spam analysis centres, have discovered the first virus for the Apple Mac OS X platform. The virus, named Leap-A (also known as Oompa-A) spreads via the iChat instant messaging system, forwarding itself as a file called latestpics.tgz to contacts on the infected users’ buddy list.

When the latestpics.tgz file is opened on a computer it disguises itself with a JPEG graphic icon in an attempt to fool people into thinking it is harmless. The worm uses the text ‘oompa’ as an infection marker in the resource forks of infected programs to prevent it from re-infecting the same files.

“Some owners of Mac computers have held the belief that Mac OS X is incapable of harbouring computer viruses, but Leap-A will leave them shell-shocked, as it shows that the malware threat on Mac OS X is real,” said Graham Cluley, senior technology consultant for Sophos. “Mac users shouldn’t think it’s okay to lie back and not worry about viruses.”

Experts at Sophos are continuing to examine Leap-A and will issue further information shortly. Sophos customers have been automatically protected against the worm since 12:25 GMT.

“This is the first real virus for the Mac OS X platform,” continued Cluley. “Apple Mac users need to be just as careful running unknown or unsolicited code on their computers as their friends and colleagues running Windows.”

Sophos advises all computer users, whether running PCs or Macs, to practise safe computing and keep their anti-virus software updated.

More information about this virus can be found at Sophos