Abstract
This paper reports on how some features of the Macintosh operating system, versions 7.1 through 8.1 and perhaps later versions, could be used to implement a virus attack unlike any seen previously on the Macintosh, but which bears some resemblance to a “Companion Virus” style of attack as seen under MS-DOS. We briefly discuss some methods used in the implementation of companion viruses under MS- DOS, and also examine techniques used by other Macintosh viruses. Following an examination of the details of our attack, we discuss generic countermeasures to a virus using the attack, one of which in particular appears very effective against the attack.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
F. Cohen. A Short Course on Computer Viruses. John Wiley & Sons, Inc., 1994.
F. Cohen. Computational aspects of computer viruses. Computers & Security, 8:325–344, 1989.
V. Bontchev. Are ‘good’ computer viruses still a bad idea? In Proceedings of the EICAR’ 94 Conference, pages 25–47, 1994. Available online from ftp://ftp.informatik.uni-hamburg.de/pub/virus/texts/viruses/goodvir.zip.
V. Bontchev. Possible virus attacks against integrity programs and how to prevent them. In Proc. Second International Virus Bulletin Conf., pages 131–141, 1992. Available online from ftp://ftp.informatik.uni-hamburg.de/pub/virus/texts/viruses/attacks.zip.
S. Magruder. High-level language computer viruses — a new threat? Computers & Security, 13(3):263–269, 1994.
Apple Computer Inc. Inside Macintosh: PowerPC System Software. Addison-Wesley Publishing Company, 1994.
Apple Computer Inc. Inside Macintosh: Files. Addison-Wesley Publishing Company, 1992.
Apple Computer Inc. Inside Macintosh: Processes. Addison-Wesley Publishing Company, 1992.
David Ferbrache. Virus Analysis: nVIR and its Clones. Virus Bulletin, pages 13–14, October 1989.
David Ferbrache. Macintosh Viruses: INIT 29 — Infectious, but your data is safe. Virus Bulletin, pages 8–9, December 1989.
Known Apple Macintosh Viruses. Virus Bulletin, pages 12–13, August 1992.
Apple Computer Inc. Inside Macintosh: Operating System Utilities. Addison-Wesley Publishing Company, 1994.
Mac viruses: An update. Virus Bulletin, pages 14–15, May 1995.
David Ferbrache. Virus Report: WDEF — The Hidden Virus. Virus Bulletin, page 14, January 1990.
David Ferbrache. Dirty Macs. Virus Bulletin, pages 17–18, February 1992.
Craig Jackson. Worms in the ripe apple. Virus Bulletin, pages 6–8, July 1998.
Apple Computer Inc. Inside Macintosh: More Macintosh Toolbox. Addison-Wesley Publishing Company, 1993.
TB 19 — How PBDTGetAPPL chooses which copy of an App to launch. Available online from http://developer.apple.com/qa/tb/tb19.html.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Horton, J., Seberry, J. (1999). Companion Viruses and the Macintosh: Threats and Countermeasures. In: Pieprzyk, J., Safavi-Naini, R., Seberry, J. (eds) Information Security and Privacy. ACISP 1999. Lecture Notes in Computer Science, vol 1587. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48970-3_17
Download citation
DOI: https://doi.org/10.1007/3-540-48970-3_17
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65756-9
Online ISBN: 978-3-540-48970-2
eBook Packages: Springer Book Archive