Macintosh security specialists, Intego on Thursday issued a security warning to its customers for the first Trojan horse to affect Mac OS X. Dubbed MP3Concept (MP3Virus.Gen), the Trojan horse exploits a weakness in Mac OS X where applications can appear to be other types of files, according to the company.
Intego told MacCentral today that the code is hidden in the ID3 tag of the MP3 file. The code will only activate when clicked, but once it is, Intego warns the Trojan horse has the potential to delete all of a user’s personal files; send an e-mail message containing a copy of itself to other users; and infect other MP3, JPEG, GIF or QuickTime files.
Intego also said that the same technique could be used to infect .jpg or .gif files, although no such cases have been found. Intego has released updated virus definitions to combat the Trojan horse.
Symantec Corp. said they were aware of the Trojan, but noted that the virus has not been found in the “wild.”
“Symantec Security Response is aware of the MP3Virus.Gen Trojan,” a spokesperson from Symantec Security Response, told MacCentral. “It is a proof of concept Trojan that does affect the Mac platform, however it is currently not present in the wild. Symantec Security Response will continue to closely monitor this and any other potential threats to the Mac OS X platform.”
Since this story was first posted, Apple responded by saying they were aware of the issue and were investigating.
Update: This story has been updated with information from Symantec Corp. Update 2: Updated the story with information about Apple’s response.