Fri 17 Feb 2006
Second OSX Worm Discovered, spreads via Bluetooth
Posted by hevnsnt under Exploits , Internet , NewsF-Secure Virus Information
OSX/Inqtana.A is a Java based proof of concept bluetooth worm that affects OSX 10.4 (Tiger) systems that have not been patched against vulnerability CAN-2005-1333
Inqtana.A has not been met in the wild and has internal counter that prevents it’s operation after 24. February 2006. So it is unlikely that this variant would be a threat to Mac Users.
Inqtana.A arrives to victim system as OBEX Push request, requiring user to accept the data transfer. When the transfer is done Inqtana.A uses directory traversal exploit to copy it’s files so that it starts automatically on next reboot.
On reboot the Inqtana.A will activate and look for devices that accept OBEX Push transfers and try to send itself to those devices.
OSX/Inqtana.A affects only Mac OSX 10.4, if you use 10.4 make sure that you have installed latest OS updates from Apple
One Response to “Second OSX Worm Discovered, spreads via Bluetooth”
Leave a Reply
You must be logged in to post a comment.
February 17th, 2006 at 8:02 pm
Looks like the Apple fanboys are officially losing their “no virus” excuse; no doubt Jobs will go the way of the Microshaft with endless patches and exploit fixes.