A history of viruses on the Mac

Yesterday we wrote about why it might be a good idea to use anti-virus on your Mac; it helps prevent the spread of viruses to Windows computers. That doesn't mean that there aren't viruses on a Mac as Apple might suggest in their Mac vs. PC advertisements. To follow up on why you might need an anti-virus client on your Mac, Sophos' Naked Security Blog compiled a history of viruses targeted at Apple computers. Fortunately the history of Mac viruses is short, the list for Windows viruses would be quite lengthy.

A 15 year old by the name of Rich Skrenta wrote the first virus for the Apple II called the Elk Cloner virus. The virus would infect the boot sector of an Apple II and on every 50th boot would display:

Elk Cloner: The program with a personality

It will get on all your disks
It will infiltrate your chips
Yes, it's Cloner!

It will stick to you like glue
It will modify RAM too
Send in the Cloner!

Rich has gone on to create the start-up Blekko, a search engine that claims to offer better search results than Google. Blekko was launched publicly on November 1, 2010.

A virus by the name if nVIR was released and spread via floppy disks. The source code was released shortly after the virus was introduced which led to a slew of variant versions. The virus affected Mac OS 4.1 through 8.0

HyperCard viruses were introduced. These viruses were similar to macro viruses found in Microsoft Office documents. Someone would write a malicious script which would execute on a computer causing a variety of problems for users. These viruses affected versions of the Mac OS all the way up to version 9.

The MDEF virus, also known as Garfield, would infect applications and system files. When infected the pull down menus would look garbled, the system would act oddly or even crash. There were several variants of the virus that were released in the months to follow.

The first Microsoft Word macro virus was introduced WM/Concept. This virus affected both Mac and PCs, it led to thousands of other macro viruses being introduced, many of which targeted the Mac version of Microsoft Office. This virus got a bit of a boost when Microsoft accidentally shipped some CDs containing the virus. The first CD, Microsoft Windows '95 Software Compatibility Test, was shipped to OEMs and contained a document with the virus. The second CD, Microsoft Office 95 and Windows 95 Business Guide, was released by Microsoft UK and also contained a document with the virus on it.

Laroux, the first Excel virus was introduced. Initially Mac users were immune to the virus until the release of Excel 98 which ended up making it possible for the two year old virus to start infecting Macs.

The Sevendust or 666 virus was introduced. This virus would erase all non-application files on the system. It was known as 666 because it would leave a file on your hard drive called 666 and it would only execute itself on the 6th hour of the 6th and 12th day of the month. The virus would also overwrite an applications menu with f (hex 16).

Renepo was introduced as a worm for OS X. The virus would attempt to disable the computers security settings and download a keylogger along with some programs that would allow someone to remotely control the computer.

A virus by the name of Leap-A was introduced. This virus was only able to spread if users opened the file containing the virus.

OSX/RSPlug-A was a trojan horse that would change DNS entries on the computer. It posed itself as a codec to help users view porn videos online.

The MacSweeper malware was introduced. It was embedded in poisoned advertisements that would then infect a Mac with a piece of malware similar to the Antivirus virus that Windows computers often get.

A trojan horse named OSX/iWorkS-A was spread to users who were downloading pirated versions of the iWork '09 software suite.

Finally, this year saw the introduction of the OSX/Pinhead or HellRTS virus was spread disguised as iPhoto. The virus would open up a back door to allow a hacker to remotely execute malicious code on the computer.

There are several variants to the viruses released and there may have been a few left out but the history of viruses on the Mac is fairly short. With the introduction of OSX most of the viruses only spread when users executed something they were not entirely familiar with from a source that may have been less than trustworthy. That doesn't mean that threats are not present, there is still a chance a flaw can be exploited and your computer could become infected.

Report a problem with article
Next Article

Facebook sued by inventor of Priceline.com

Previous Article

Aussie iPhone geek takes popping the question to a new level

65 Comments - Add comment