Intego Security Memo

News > Press Releases

Macintosh

Dual Protection (Mac + Windows)

Macintosh Enterprise

Free Trial

ContentBarrier FileGuard Internet Security Barrier NetBarrier Personal Antispam Personal Backup VirusBarrier

ContentBarrier DP Internet Security Barrier DP VirusBarrier DP

Remote Management Console VirusBarrier Server and VirusBarrier Mail Gateway

Buy Now Upgrade Update Renew Free Trial

Support Knowledge Base Software Registration User Manuals Software Updates Bug Report

Press Releases Latest Software Releases

Overview Press Releases Careers Contact Us

INTEGO SECURITY MEMO - NOVEMBER 06, 2006
OSX.MACHARENA.A VIRUS

Virus: OSX.MachArena.A virus (aka OSX.Macarena)

Discovered: November 2, 2006

Risk: Very low

Description: This proof-of-concept virus, which has not yet been seen in the wild, was published on a hacker Web site.

The virus can only infect Intel-based OS X computers. It consists of a C source file, an Assembler 'dropper' file, and documentation that explains how to create a virus that can infect Macintosh OS X binary files. Compiling the source code creates two binaries, the OS X virus file itself, and the dropper. The dropper is intended to infect Mac OS X binary files from a Windows installation on the current machine. This can be either via Apple's Boot Camp, or via a virtualization application such as Parallels Desktop for Mac.

The virus only infects mach-o binary files, not Universal or PowerPC binaries.

Mach-o (Mach object file format) is the native file format used for executables by Mac OS X's Mach kernel. The virus does not carry a payload. When run it infects other executables in the current directory, regardless of their name or extension.

Means of protection: Intego VirusBarrier X and VirusBarrier X4 (http://www.intego.com/virusbarrier/), with virus definitions dated November 3, 2006 or later, protect against this virus.

VirusBarrier X recognizes the virus and the dropper file under the names OSX.MachArena.A and OSX.MachArena.Dropper.A.

About Intego
Intego develops and sells desktop Internet security and privacy software for Macintosh.

Intego provides the widest range of software to protect users and their Macs from the dangers of the Internet. Intego's multilingual software and support repeatedly receives awards from Mac magazines, and protects more than one million users in over 60 countries. Intego has headquarters in the USA, France and Japan.

As the dangers of the Internet grow, Intego is hard at work, developing new software to protect users and their Macs from the latest security and privacy threats.

We protect your world.

home | contact