F-Secure finds another couple of Mac OS X worms: F-Secure : News from the Lab – February of 2006.
Today we received two more samples of Mac OS X malware.OSX/Inqtana.B and OSX/Inqtana.C are close variants to original OSX/Inqtana.A. About the only difference between variants is the technique by which the worm will start on the infected machine after user has accepted OBEX file transfers.The startup routines on Inqtana.B and Inqtana.C will most likely work also on OS X 10.3.Like Inqtana.A the .B and .C are locked to certain bluetooth addresses and are time limited to 24. February 2006, so they will not be able to replicate on any real environment and will work only in specially crafted lab. However it is possible that some virus author will create similar worms that are not intentionally limited, so please make sure that your OS X is up to date.
The importance of these isn’t that they’re likely to affect anyone in the wild (as F-Secure note, they won’t), but that it demonstrates the same pattern for OS X malware as Windows: one person writes, others create multiple variants.
A note for the trolls: F-Secure have no interest whatever in the Mac market. They don’t have a Mac product, and therefore it isn’t in their interests to “spread FUD” about the Mac.