Slashdot Mirror

← Back to Stories (view on slashdot.org)

Worm Claimed For Apple OS X

Posted by kdawson on from the apple-trees-have-roots-too dept.

SkiifGeek writes "Controversy is slowly building over the development of a claimed new worm that targets OS X systems, dubbed by its inventor Rape.osx. Using a currently undisclosed vulnerability in mDNSResponder, the worm is said to give access to root as it spreads across the local network. As with a number of recent Apple-related security discoveries, the author, InfoSec Sellout, is delaying reporting the vulnerability to Apple until after completing full testing of the worm. While the worm has yet to leave a testing environment (with 1,500 OS X systems), it is bound to join the likes of Inqtana and Leap as known OS X malware."

2 of 398 comments (clear)

  1. Windows affected? by nuckin+futs · · Score: 5, Interesting

    exactly what vulnerability in mDNSResponder is it exploiting? Since mDNSResponder also runs on windows if you install bonjour for Windows, does that mean it can possibly be affected too?

  2. Re:Can this travel via "broader network segment"? by greed · · Score: 5, Interesting

    Sure, get infected on the school's lab LAN. Bring your iBook oops MacBook to the coffee shop and get everyone else there. They all go home and infect their room-mate's machines. Who go to a different lab and it gets loose on the LAN there.

    Most laptops aren't isolated to a single LAN these days; they move around. If there really is a flaw in mDNSResponder, then such a worm does have a chance to propagate. Especially if it is subtle and doesn't crash or overload machines, or do insane amounts of network I/O, or any of the other things that cause people to think something's wrong.