OS X no longer teh virus free!!!!11111oneoneichi

[Wickedkitten Veteran]

Switchback is one very clever virus, but it's having a hard time distributing itself, so most of the world doesn't even know it exists.

For a start, it can only infect Macs running OS?X 1.2.5 or 1.2.6 (it's possible that 10.2.7 could be infected as well, although we haven't heard about infections from any G5 owners yet). So out of 25-30 million Mac users, maybe 7-8 million tops are using the right version of OS?X.

Then they have to be using Safari 1.0 and visit a site displaying affiliate ads for XGeeks.com. Although these ads are presented as linking to a hot new mail order company specializing on OS?X, that's just a cover. Their prices are just high enough to keep people from ordering, but the commission rate is enough to get every Mac webmaster interested enough to sign up for the program.

The ads aren't simple animated GIFs; they're JavaScript programs that install an AppleScript on the user's OS?X Macintosh. When this AppleScript is run (it autoruns a few minutes after startup), it accesses your Address Book through Mail and sends itself to the first 100 users who have "mac" somewhere in their email address. The email offers recipients a 15% discount on their first order through XGeeks.com.

That's the clever part. They try to target just Mac users, and when they visit the XGeeks site, they get infected -- assuming they're running the right version of OS?X and Safari 1.0. And Switchback then propagates itself again, assuming the visitor has Mail configured on their computer.

Considering the size of the OS X installed base, the number of Safari 1.0 downloads, and the number of OS?X users who use Mail rather than something else, we estimate that this virus could potentially infect 5,000 to 20,000 users. And it could take months to reach that level, since OS?X users don't restart nearly as often as Windows or classic Mac OS users.

It's only a start, but this is the first OS?X virus ever, so everyone should try to get their hands on a copy to see what makes it tick. The next X-virus might actually do something malicious. Consider Switchback a proof of concept that almost sorta works.

Of course, with the latest Window worm on the rampage, nobody but the Lite Side staff has even noticed Switchback.

And why is it called Switchback? Because when you read the source code, the first comment calls OS?X users to give up their nonconformity and switch back to Microsoft Windows.

perhaps i should have actually posted this over in the humour forum

[Revenant]

OSX has never been virus free, I has just been less prone to viruses.

[Dazzla Veteran]

Wow, a stunning 5000 people could be infectable! And out of that they've gotta visit the site with the xgeeks ad :o

Hold the front page! :D

[Spyder Veteran]

5000? thats like a quarter of all mac users! :o just kidding of course :)

ps. D hop on msgr :)

[frod]

OSX has never been virus free, I has just been less prone to viruses.

hmm, it's the first virus i've ever heard about for osx.

what were the ones that came before this?

this one is kind of humorous though.

[Southern Patriot]

OSX has never been virus free, I has just been less prone to viruses.

"virus free" means no viruses are known to exits.

"virus prone" means that it is possible to write a virus for it.

While OS X has pretty much been "virus free", I doubt any OS is ever going to not be "virus prone".

[BTallack]

perhaps i should have actually posted this over in the humour forum

Agreed. Is there even any anti-virus programs available for OS X?

[Martog]

Agreed. Is there even any anti-virus programs available for OS X?

Norton Antivirus for Mac, and a couple others. One comes with a .Mac subscription.

[Tim Dorr Veteran]

Results for: switchback

No results were found for your search.

Try changing some of the words in your query

From symantec.com :p

XGeeks.com doesn't even appear to link to a site just yet... What a crappy virus :p