SiriusAddict.com

Today, there’s a lot of buzz about the new trojan that’s propagating for OS X. It’s called Leap-A. To me, it’s not a big concern and doesn’t really show the vulnerability of OS X. From what I’ve read, it does prompt the user for authentication, so it’s not like it’s installed through some back door without your knowledge.

As with most worms/trojans/whatever…(read more)
…the quickest way to spread them is via IM. Leap-A has the ability to spread via chat programs for OS X, including iChatAV. Again, it’s typical of a worm and doesn’t show the vulnerabilities of the OS. It does however infect other programs. The file comes as an attachment named “latestpics.tgz” and spreads to other users on the buddy list. More detailed information on what it does can be found at AmrbosiaSofware.

To me, it still comes down to end user knowledge. If you’re not intelligent enough to download a file from an anonymous person online because it poses as the next OS, “Leopard”, screenshots then you deserve to be open to attack. After all, you wouldn’t just leave your house open and tell all inviting guests to come in but not take, destroy, or modify anything, right? Simply put, listen to your Mom when she tells you, “Don’t trust strangers.” That applies online as well! The problem is that people are so desensitized when they are on the web and want to trust everyone with a screenname, basically. “It can’t happen to me!” I’ve news for you: Yes It Can! If people just used a little common sense when browsing the web and took their time when looking at files and before opening files, they’d generally be better off. As for the authentication, people will drop their password to you if you ask them or give them chocolate (more than 70% to be more detailed).