Press Releases

Browse our press release archive

06 Nov 2006

Macarena Mac OS X malware - no need to panic

Proof-of-concept virus does not pose a threat

Intel-based Apple Macintosh
Intel-based Macintosh owners have little to fear from Macarena malware.

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have advised Mac OS X users not to panic following the discovery of a new proof-of-concept virus.

The worm, dubbed OSX/Macarena, has caused headlines in the press because new Macintosh malware is so rarely encountered compared to malicious code designed for Windows PCs. At the time of writing Sophos has received no reports of any customers who have encountered the malware, and only source code versions have been uncovered.

The Macarena virus, which is only 672 bytes long, infects by appending itself to infected host files. Every infected file contains the strings "MachoMan - roy g biv" and "26/10/06". The virus only works on Intel-based Apple Macintoshes.

However, Sophos experts believe that the malware is unlikely to ever spread successfully, a view apparently shared by the virus writer who included the following comments in his code:

To build this thing, I use Xcode, but it is really very buggy, and it needed lots of help to produce working code

and

So many problems for so little code.

"This is a proof-of-concept virus with very limited spreading ability. Frankly you're more likely to be struck by lightning than troubled by Macarena," said Graham Cluley, senior technology consultant for Sophos. "No-one should panic, and while this is an indication that hackers are showing an increased interest in targeting the Mac OS X platform it is still a lot safer place to be than Windows."

report issued by Sophos earlier this year revealed that 79% of people believed that Apple Macintoshes would be targeted more in future, following the discovery of the first Mac OS X worm.

Sophos advises all computer users, whether running PCs or Macs, to practise safe computing and keep their anti-virus software updated.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.