The "latestpics" Trojan
Apparently, someone posted a Mac OS X trojan to the macrumors.com forum (link goes to explanation and discussion on ambrosiasw.com forums). The file in question is called "latestpics.tgz", which you should not download and unpack, although that alone is not yet dangerous. The dangerous thing is that the UN*X executable it unpacks looks like a JPEG file, although it doesn't have the file extension. (It just has a JPEG icon pasted onto it.) If you do double-click it, it installs itself as an input manager and tries to infect applications with itself and to propagate through iChat (it'll send itself to your iChat buddies).
This is not a virus, though. And if you don't double-click files you don't know the source of, you're still safe. Also: Never double-click images without file extensions, anyway. (Set the Finder to _show_ you file extensions, of course.)
So: Don't panic. But be safe. :)
Update:
Sites like TheRegister (their "article" about Leap.A here) are now keen to call this a virus, although by definition it is not. They also fail to mention that the script does no harm other than to propagate via iChat. Again: Of course we shouldn't go into denial whenever something like this pops up. But in order to do even a little harm, the user still has to actually execute this script himself. And things like that have always been known on Mac OS X. It tries to take advantage of a vulnerability of the user, not the operating system. Unless you open/execute the UN*X script yourself, you're safe!
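The disguise described above (an executable with no file extension and a JPEG icon) can be checked for before anything is unpacked. This is an added example, not part of the original post: it reads the first bytes of each member of a .tgz and flags those whose content is executable while the name has no extension or an image extension. The member names and the archive built by `build_sample_archive` are constructed for the example.

```python
import io
import os
import tarfile

# Leading bytes of native executables (Mach-O variants and ELF).
EXEC_MAGICS = {
    b"\xfe\xed\xfa\xce": "Mach-O 32-bit",
    b"\xce\xfa\xed\xfe": "Mach-O 32-bit (byte-swapped)",
    b"\xfe\xed\xfa\xcf": "Mach-O 64-bit",
    b"\xcf\xfa\xed\xfe": "Mach-O 64-bit (byte-swapped)",
    b"\xca\xfe\xba\xbe": "Mach-O universal (also Java class)",
    b"\x7fELF": "ELF",
}
IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".tif", ".tiff", ".bmp"}

def classify(head):
    if head[:2] == b"#!":
        return "script with shebang"
    return EXEC_MAGICS.get(head[:4])

def suspicious_members(fileobj):
    """Flag members with executable content but no extension or an image
    extension. Only the first bytes are read; nothing is unpacked to disk."""
    findings = []
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for member in tar:
            if not member.isfile():
                continue
            kind = classify(tar.extractfile(member).read(4))
            ext = os.path.splitext(member.name)[1].lower()
            if kind and (ext == "" or ext in IMAGE_EXTS):
                findings.append((member.name, kind))
    return findings

def build_sample_archive():
    """Constructed archive: inert padding behind chosen magic numbers."""
    samples = {
        "pics/holiday_photo": b"\xfe\xed\xfa\xce" + b"\x00" * 60,  # Mach-O magic
        "pics/beach.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 60,      # JPEG magic
        "pics/README.txt": b"constructed sample\n",
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in samples.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf
```

To check a downloaded archive, pass it opened in binary mode, e.g. `suspicious_members(open(path, "rb"))`.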