One of the first pieces of malicious code targeting Apple's Mac OS X operating system has been discovered. The Mac OS X malware, dubbed Opener, is a rootkit for Mac OS X machines that contains a variety of destructive functionality including a keylogger and backdoor components.

Opener (AKA Renepo-A (http://www.sophos.com/virusinfo/analyses/shrenepoa.html)) is a shell script that can't be installed without admin privileges. It isn't spreading. A thread on Macintouch reports an isolated example (http://www.macintouch.com/opener.html) of a Mac user finding Opener on their system, which prompted a brainstorming session about the nature of the malware on the forum. The interest focused on the hacker tool in the Mac community is largely generated because of the malware's rarity value.

"Back in late 1980s viruses used to be a much bigger problem on Macs than on PCs. Then things changed," said Mikko Hyppönen, director of anti-virus research at Finnish AV firm F-Secure. "F-Secure used to have an antivirus product for Macs for years, but we discontinued it after the macro viruses died out as there was so little market for it." ®

Related stories

Windows-style security hell stalks Mac OS X? Yeah, you wish (http://www.theregister.co.uk/2003/12/16/windowsstyle_security_hell_stalks_mac/)
McAfee app raids Mac users' inboxes (http://www.theregister.co.uk/2004/09/09/apple_pulls_virex/)
Apple patches critical Mac OS X hole (http://www.theregister.co.uk/2004/05/24/apple_fixes_osx_flaw/)
Mac OS X update fails to fix vulnerability (http://www.theregister.co.uk/2004/05/28/mac_bug_mishandled/)
Apple updates Mac OS X to 10.3.5 (http://www.theregister.co.uk/2004/08/10/apple_osx_10-3-5/)
Linux vs. Windows Viruses (http://www.theregister.co.uk/2003/10/06/linux_vs_windows_viruses/)