The OSX/Leap-A worm spreads via the iChat instant messaging system, forwarding itself as a file called latestpics.tgz to contacts on the infected users' buddy list. When the latestpics.tgz archive file is opened on a computer it disguises its contents with a JPEG graphic icon in an attempt to fool people into thinking it is harmless.
The worm uses the text "oompa" as an infection marker in the resource forks of infected programs to prevent it from reinfecting the same files.
What really surprises me is that this has nothing to do with OSx86 (codename for OSX on the new Intel compies.) Rather frightening.
Three cheers for wanka's new candy: malware milk balls. :P
2 comments:
Yeah, but I'll bet there's more to come. Gobstopper's next.
What's Wonka?
Post a Comment