'Opener' - The first OS X malware? NO!

There is a semi-informed discussion going on at Macintouch where a reader wrote to say that they somehow managed to get a malicious shell script installed on their Mac. Others wrote in to describe what the script seems to be doing.

Let's get something straight - if you have to INSTALL a piece of software or shell script on your machine it is NOT A VIRUS! If you have somehow managed to install a piece of software that does something malicious, it is NOT a vulnerability in your operating system, it is a vulnerability in your own mental faculties. We can all argue about whether computers should have a "super-safe mode" that protects the user from themselves. However, Mac OS X already does this - a program has to ask for an administrator password to be installed as a startup item.

Anyone could write a Trojan Horse that wipes out the user's entire Documents, email, and settings after about 5 minutes of reading. This shell script is more advanced than that, but not much. It uses standard password-sniffing methods, etc to do its work.

This has no way of infecting other computers other than by the user installing it themselves. It is not a virus, nor a worm. It is a Trojan Horse that only can infect your machine after asking politely. Just say no. If you don't know where a piece of software came from - do not execute it. This is as if someone called you on the phone and said "Drag your Home folder to the Trash, then choose Secure Empty Trash from the Finder menu." If someone did that, I'd recommend not following their directions.

If it turns out that this actually was installed remotely using one of the recently-patched vulnerabilities in OS X, that would make it a worm, not a virus.

links:
http://www.macintouch.com/opener.html
http://www.insanely-great.com/news.php?id=3922

MORE...