Apple denies worm

Apple has denied that the malicious code dubbed 'Opener' is a worm, a Trojan or a virus of any kind.

Discovered a week ago, the Opener program – originally called Renepo - has the ability to disable the firewall in Mac OS X and steal user information. Security experts declared last week that it is almost unheard of for malware to target Apple computers, but said that this could be the start of a spate of attacks to come.

In an emailed statement from a PR company that represents Apple, a spokeswoman said:

"Apple has just released the following statement and will not comment beyond this: 'Opener is not a virus, Trojan horse, or worm. It does not propagate itself across a network, through email, or over the web. Opener can only be installed by someone who already has access to your system and provides proper administrator authentication. Apple advises users to only install software from vendors and websites that they know and trust.'"

But antivirus experts beg to differ, saying that while the program is not an immediate threat, it is a worm because it attempts to copy itself, and is therefore a virus as well.

Antivirus company Sophos said: "Renepo is a worm, and since a worm is just a special type of virus - one which neither requires nor uses an existing host file as a carrier - it is a virus."

"I know there has been a lot of debate about this," said Graham Cluley, senior technology consultant for Sophos. "We class it as a worm. It's not going to spread very fast, but it does try to copy itself from Apple Mac drive to Apple Mac drive, and that still makes it a worm. If you saw something similar in the PC world, you would call it a worm."

Symantec declared that Mac owners were protected if they had kept their antivirus software up to date.

Dan Ilett writes for ZDNet UK. Additional reporting by Munir Kotadia of ZDNet Australia.