Mac virus is damp squib, says Symantec

A proof of concept Mac OS X virus, which was discovered late last week and dubbed Macarena, includes comments in the code that indicate the author had a difficult time creating the malware.

According to antivirus company Symantec, Macarena - which has infected less than 50 machines - has a very poor replication mechanism and is unlikely to cause problems for the majority of Mac users.

Peter Ferrie, senior security response engineer at Symantec, explained in his blog the virus does not cause any serious problems and is unlikely to spread very far.

He said: "There is no payload in this virus - it simply replicates. However, it won't replicate very well, because it is restricted to the current directory."

Paul Ducklin, head of technology for Sophos Asia Pacific, said the virus was "not important or significant" but he was concerned the author had distributed the source code, which could "not only explain how you might write a virus but give someone direct tools to create one even if they have no skills of their own".

However, in the source code, Ducklin said the author had expressed what appears to be frustration at trying to make the virus effective on Apple's platform.

Got two seconds?

Make your voice heard - take our latest poll.

Ducklin said: "In the source code, which is a mishmash of stuff, there is a comment where the author says 'so many problems for so little code'. So it does look as though virus writers, fortunately, still have a way to go before they are able to write Mac viruses with the proficiency and fluidity that they can for Windows.

"It doesn't have any of the characteristics of a modern effective or dangerous Windows worm or Trojan, it is a simple appending parasitic infector."

He also revealed Macarena will only affect Intel-based Macs: "This is an Intel specific thing - not Power PC."

However, Ducklin warned the Apple community not to be complacent because although writing malware for the Mac is more difficult than it is for Windows, the users' common sense can be a weak point.

He said: "There are things that are done in OS X that make it less likely you will get a virus but very little can head off a determined and ill-informed user. If you are determined to run a program against common sense then you can get yourself into trouble and that may cause trouble for the next guy."

Munir Kotadia writes for ZDNet Australia