This first Macintosh OS X threat is an example of the continuing spread of malicious code on to other platforms.

It’s a throwback to the early days. We don’t often see worms these days that are just out to trash user’s data.

It was designed for a different era. With threats increasingly resorting to stealth, we decided it’s a greater risk to hide the directory than to open it.

Setting up this option will alert users to unusual behavior because the user will be asked to confirm the sending of all files.

[Mark Kennedy, a software architect, chimes in:] And our problem is that when you go that deep to try to extract it, you can render the machine unusable. Then you get blamed, rather than the...

Basically, it stores deleted files in a hidden directory. It’s old technology designed for a different era, like Windows 95 and 98.

This is simply not vandalism; it’s not somebody’s machine which gets taken over temporarily. It’s a very serious damage to someone to have their identity stolen and taken from them.

We have speculated that attackers would turn their attention to other platforms, and two back-to-back examples of malicious code targeting Macintosh OS X this week illustrates this emerging trend.

Our job is not to drop anything.

We’ve already approached the IT-ISAC, a forum of security vendors and researchers, and asked them as to whether they can help us form an open discussion. It looks like they’re willing to do that.

It’s not dangerous in a sense that it’s data destructive,

While this particular worm is not fully functional, the source code could be easily modified by a future attacker to do damage. Macintosh users should be diligent about installing patches to their operating systems as...

Are we still at the leading edge of this threat? … I mean, is it a fringe thing, or are we seeing it accelerate?

[When malicious code could cause serious damage, Symantec and its peers often provide information to law-enforcement agencies such as the FBI, the U.S. Secret Service, and the Royal Canadian Mounted Police.] If they need an...

The folder was hidden because when the feature was created, hiding the files made sure users weren’t confused.

From a home-user point of view, I would not panic or worry. But it’s a good opportunity to go back and look at your computer practices and see if there’s something that can be changed...

It’s designed to get people’s anxieties up, … Hoaxes spread very rapidly, using psychology to spread the information from computer to computer. It clogs up e-mail servers and e-mail boxes. [Users] are never quite sure...

We’re trying to reinforce here that we’re not talking about a virus, or malicious code, we’re talking about technology that could be misused, … We’re trying to work co-operatively.

The Internet opens huge opportunities for communication, sharing information, along with commerce and learning, but it also brings along significant risks, … We want to offer users easy, step-by-step explanations and recommendations that will allow...

We think users can be very safe online if they take the best practices out there and just practice a bit of Internet safety.

Each company has a different view of the world, … That’s why we try to have ratings based on the virus itself.

Anybody who is directly connected to the Internet through cable modems or DSL is extremely susceptible to these back-door programs, … We have seen many, many attacks coming on to those people’s machines.

Even if data is safe, users infected should get a removal tool to clean and repair their systems.

We’ve also launched recently a consumer threat meter, which allows users to surf safely online.

What we are saying is that attackers are increasingly targeting your assets and your private information,

Script blocking was developed to detect and protect against VBS script worms that propagated via MS Outlook.

It’s a simple, surgical fix that disables the hidden feature.

Our hope is that the Internet stays very open for everybody; that is the original intent. It’s for communication, it’s for surfers, it’s online; it really allows us to have online communities around the world.

This is a relatively old vulnerability.

These threats worked by exploiting weaknesses in the VBS script interpreter which have since been addressed by Microsoft since the threats have diminished and there is already OS level protection we didn’t need this additional...

But it’s certainly not the dam bursting.

We’re losing the tsunami effect and instead getting wave after wave of smaller, more intense attacks to get on your machine and steal useful information.

By enabling an infected machine to be remotely controlled, this threat opens up the user’s identity and computer for potentially malicious purposes.

It’s been seen more in Europe than in the United States, but it’s a worldwide event.

You will start to see more exploits, but only because Apple has garnered a lot of attention in the past year.

Everyone is realizing that no one company or one bank can do it all. No one group can do it alone.

We determined that a significant amount of these were new machines that were Christmas gifts going online and not getting security patches onto them.

It has been a nonevent. We have been tracking our consumer tech support: Less than a handful of people worldwide have called in saying they might be infected.

The lesson here is that if we look at Mac OS X and compare it to, say, Windows XP, we find that, in terms of the number of vulnerabilities, they are actually quite comparable.

It’s still a tiny drop in the ocean, but it’s growing at an exponential rate.

I think that probably the overarching theme we’re looking at is that crime for profit motivation has really found the Internet.