'Macarena' Virus Targets Macs
The virus, dubbed "OSX.Macarena" by Symantec, targets some, but not all, Mac OS X Mach-O executables. Mach-O is the format used by Apple Computer Inc.'s operating system for native executables, libraries, and object code. According to Symantec, OSX.Macarena, isn't designed to infect PowerPC Mach-O binaries, nor Universal binaries, those meant to run on both the PowerPC and Intel Mac platforms.
"Although methods of infecting Mach-O binaries have been publicly available for some time, this marks the first known fully functional Mach-O file infecter [sic] virus," Symantec noted in an alert to customers of its DeepSight threat network on Friday. "The source code for this virus is publicly available and as such it is possible that variants may be trivially developed to extend the viruses [sic] functionality."
The virus affects both client and server editions of Mac OS X from 10.0.0 through 10.4.8; the latter is the most current version of the Apple operating system.
The SANS Institute's Internet Storm Center (ISC) downplayed the significance of the Mac virus. "To be honest the virus is no big deal in itself. But it is yet another warning," wrote ISC analyst Swa Frantzen on the team's Web site.
"It is a warning to get anti-virus protection for those Macs, even if the shopkeeper told you do not need it, even if there are no viruses in the wild today, even if it's hard to buy it, and even if the vendors seem not to know what they talk about," Frantzen added.
Symantec has pegged OSX.Macarena with its lowest-possible threat rating.