said by Shamayim :

---

said by Sandman5 :

---

S
Not sure if you knew, but just recently the first worm for OSX was released.

---

1. It's not a worm, it's a trojan.
2. Trojans are not self-replicating like worms.
3. It wasn't a real trojan even.. Just a 'proof of concept' ("see? theoretically it can be done.").
4. It wasn't "released." Nothing damaging to OSX was 'released.'
5. Classic case of FUD (Fear Uncertainty Doubt).

---

said by Sandman5 :

---

S
Not sure if you knew, but just recently the first worm for OSX was released.

---

said by ThunderCorp :

---

i never believe in security by obscurity. i believe in security by inherent secure default settings (well written software + a good admin behind them).

---

The only mildly non-trivial discovery associated with this malware is that its author managed to combine a valid MP3 file and a PowerPC application in one file without violating any of the two file formats. That means the trojan is playable within iTunes as MP3 sound file and it can also be launched as a program by Finder. This works under MacOS 9 and OS X.
  However, dual personality of a file has little relevance to the malicious function. If a user is convinced to double click on an icon representing a file the program will run regardless of being a simple disguised application or dual-format file. Thus, the discovery of dual-format files does not really introduce any new penetration or propagation vector. It can only obfuscate a little the function of the disguised program, which will appear as a valid sound file and it can be played from iTunes.
  To achieve this dual personality of the file the PowerPC application (Type 'APPL', Creator = 'vMP3') is registered in the resource fork as 'cfrg' (code fragment) within the data fork. At the same time this data fork (with an ID3 record at the beginning of the MP3 file that holds the binary code) is a valid MP3 file image.