Possible Mac OS X Trojan Horse (mostly harmless)

So I saw the news this morning about a possible first trojan horse for Mac OS X and decided I didn't really want to deal with the inevitable ensuing hysteria, flames, and crazy comments that would be sure to follow such a post. It was 8:00am and just way too early to deal. I mean, if I want to read stupid comments about Macs all day long, I'll just spend my time over at Digg.

Heh heh..I thought to myself, I'll let some other TUAW staff member post this news story. Then they can deal with the puerility.

But now it's almost noon and something like 42 people have sent in a tip and no one's stepped up to the plate, so I figure I probably should write up something.

Here's a quick summary: Someone uploaded a trojan horse to the MacRumors.com forums which claims to be a .tgz archive of screenshots of Apple's upcoming Mac OS X 10.5 Leopard. Problem is that it seems to be a proof-of-concept trojan and isn't very successful at doing what it's supposed to do, which is propagate itself out via your IM buddy list. Andrew Welch, who founded Ambrosia Software (thanks for Apeiron, BTW!), has been doing a bang-up job of dissecting the trojan and has determined that it's mostly harmless. You can read the specifics in the Ambrosia forums. Sophos has already posted a definition for this trojan here.

The bottom line is that this really seems to be a proof-of-concept trojan more than an actual "in the wild, self-propagating" virus. So yeah, it's certainly very interesting, but I'm not about to start watching for the sky to fall. Leave that to cartoon birds, storybook characters, and PC magazine columnists.