I’m not sure if this really qualifies as the first Mac OS X malware, but it’s definitely new. First appearing on a MacRumors discussion, there a good discussion of what’s been dubbed MacX/Oomp-A at the MacRumors and Digg over whether this is a virus (in which case it would certainly be the first of its ilk), a trojan, or a worm. Some users report that they were infected without having to put in a password when installing, others that it spreads via iChat.
But really it doesn’t matter one jot. The vast majority of what are commonly termed “viruses” on Windows are also either worms or trojans, depending on social engineering to get a grip of a user’s machine. Take a look at F-Secure’s virus statistics for the most common current threats on Windows: None are actually “true” viruses. Yet, the Mac folk who are clogging up the message boards claiming that this isn’t a “true” virus would happily refer to Windows as “virus ridden”.
I’ve said this before, and it’s worth saying again. The reason why the vast majority of Windows malware are trojans or worms rather than true viruses is that social engineering is far easier than exploiting a hole in an OS. OS holes get patched pretty fast. Insecurities based on user behaviour do not. The only security advantage built in to Mac OS X that isn’t in Windows is the need for a password to install software, and this really isn’t much of a protection, as many people will happily just give their password no matter what – and if the user KNOWS he’s installing something (as, for example, he would if he were installing a new application) there’s no protection.
All the arguments over taxonomy make no difference to the fact that this malware is a real threat.