Researcher boasts of Mac worm

Here’s more evidence that the digital underground is increasingly interested in targeting Apple’s Mac OS X, which many consider the more secure alternative to Microsoft Windows:

An unnamed researcher is using the Information Security Sell Out blog to boast about a new Mac OS X worm he or she created “with a few hours work.”

The code is a variation of the “MDNSResponder” vulnerability fixed in Apple’s May security update, 2007-005. While Apple fixed some holes found by researchers Mike Lynn and Dave Aitel, the researcher said, the company did not fix them all.

“This vulnerability, as with the ones fixed, gives remote root access,” the researcher wrote. “The code I wrote is very customer specific but could easily be changed to be more malicious. Currently, it compromises its first system (patient zero), places a text file on the desktop with specific contents, then moves on to attempting to compromise other systems on the same network, leaving it’s text file and moving on.”

While the worm is nothing special compared to Windows-based malware, the researcher said it proves that Apple computers are just as susceptible to malware as Windows machines.

As expected, some in the blogosphere are questioning the researcher’s credibility. In the Insanely Great Mac blog, for example, M. Sharp wrote that the same researcher has made unverified claims in the past that he or she refused to substantiate. As for the suggestion that Macs are more vulnerable than users would like to admit, the blog asked, “Anyone been hacked yet? Anyone?”