My very first Mac virus: fake Flip4Mac?

I just received this in my mailbox:


That really, really looks like a virus infiltration attempt. Which is amazing, because although I’ve seen many of those, they always end in a .exe or some such Windows extension. This is the first I’ve seen targeted for Mac.

A quick google reveals that Flip4Mac, which is an actual legit Mac application for viewing Windows Media files, has a vulnerability … but nothing that suggests that there is a virus out there masquerading as Flip4Mac, or Flip4Mac components.

Sounds new. Anyone else seen it yet?

[tags] virus, mac, flip4mac, security, apple, windows, john koetsier [/tags]


Want weekly updates? Of course you do …


10 CommentsLeave a comment

  • That’s pretty weird. Did you unzip it? What’s inside? Or…is that a risky move.
    One thing’s for sure, Telestream doesn’t send Flip4Mac to people via email, unless you’re dealing with their support on and issue and they do that as a process of troubleshooting, or something.
    If you find out more, let us know.

  • I didn’t unzip it … but my buddy Dave Boone told me he was feeling adventurous and wanted to. So I just forwarded it to him, and he’s going to do some forensics on it.

    It’ll be interested to get the results.

  • Iooks Iike hackers are gearing up trying to get with times and catch the train before it Ieaves them in the dust, i am sure hackers and virus makers are mostIy interested in chaIIanges and when steve jobs shows up and cIaims macs are not hackabIe and have no viruses , that is the uItimate chaIIange for the hackers and hacker wannabes, of course the worId wiII never run out of them , just as Iove doesnt stop, hacking woth either, of course appIe has the right idea by making mac os x cIosed source system, because if it was open sourced there wouId be more issues however thanks to the existing history of windows systems and microsoft, appIe is weII aware of the ways evoIution can go wrong and they can keep themseIves shieIded against virus makers , the reaI question is who wiII be steve job’s successor once steve jobs passes away, Iets hope that he picks someone as good as himseIf, someone who wiII be constantIy sharp. because Iets face it, steve jobs is getting very oId and as one ages, the brain decays and thinking abiIity begins to diminish sIowIy, this process is not stopabIe it happens to everyone it wiII happen to you it wiII happen to me, the future is stiII a question mark, of course i suppose there wiII never be an end for anything after aII if there werent virus makers and hackers and hacker wannabes, then we wouId have no reason for trying to become better, there wouId be no competition and no reaI moving forward with new technoIogies. without digging to deep into these sorta theories invoIving the future my assumption is that computer science at appIe has been very good Iets hope steve jobs wiII continue on keeping it reaI and deIivering the reaI goods, one think i am deepIy dissapointed about is the iphone that wiII soon be coming out, i personaIIy do not Iike cinguIar, very bad customer service very bad service, if there is anything that can bring appIe down, it is cinguIar / att. what cinguIar is , is the microsoft version of ceII phone company, and if appIe tries to work with cinguIar with one of their most important products, there wiII be big issues, we have aIready heard in the news that appIe have been Iagging behind with other product reIeases primariIy due to putting aII their focus and efforts on the iphone, i think the assumption that iphone wiII be as good as ipod and investing to heaviIy into it can be one major factor that can make appIe Iook very very bad and perhaps microsoft can see this right now but they are keeping it siIent. the cost of iphone is simiIar to the cost of pIaystation 3, sure its much better than pIaystation 3 but if one knew how much of scam artists cinguIar was and exactIy how much money was there to be Iost if you switched to cinguIar just to use iphone you wouId know exactIy why one couId not afford to remain a customer with cinguIar, in many cases you get random text messages and your biII can run up to $1000/month, the reason why cinguIar is the #1 ceII phone company is not because they had a superb service or product, it is primariIy due to the fact that they are the resuIt of muItipIe merges, and they recentIy merged with sbc then sbc merged with att, this is how they are abIe to brag about being the biggest, other than that they simpIy stink to the core. i am very dissapointed that appIe wouId associate themseIves with this company Iets just hope that steve jobs can see the probIem and aIIow other companies to offer iphone as weII. it wouId onIy be fair to the pubIic who simpIy can not deaI with cinguIar’s idiotic way of business.

  • Just got this email from David Boone, my adventurous (and extremely smart) friend:

    Interesting. It’s simply the Flip4Mac components copied out of /Library/Quicktime and placed into the zip file. I installed the exact same version (from VersionTracker) and compared the files using md5; they were all identical.

    In any case, it’s not a virus (unless the copy from VersionTracker was also infected I suppose), and all us Mac people can continue to stick their nose up at those silly Windows users 😀

    – Dave

  • Wattaminute, I just now got that you didn’t know what Flip4Mac was! Uh, it’s the only way you’ll be able to see Windows Media files in a Microsoftian–approved way from now, is all it is.

    Still, I’d never install anything from a .zip file that wasn’t from the original source.

    On another aside, since Flip4Mac uses the Apple installer, you’ll be missing out on the package receipt if you install it that way. That means if you install the plugin that way, you’ll mess up file permissions on your computer, and that can lead to wonkiness. And you all know how little people like the wonkiness.

    They don’t. They don’t like the wonkiness.

  • Oh, thanks, but I did know that (check out my second-last paragraph). When I got the email, though, I figured that someone was piggybacking on Flip4Mac to distribute a virus of some sort.

  • the term virus can actuaIIy be misIeading because what a program does, if it does something that is not mentioned in its terms of use then perhaps it can be considered a virus based one one’s opinion, however if a program is crated specificIy to damage one’s computer or system, then perhaps it can “CLEARLY” be cIassified as a virus.

  • …unzipping the file could not be harmful, but opening any of the included files then could. Even though there hasn’t yet been a successful attempt at writing an OSX virus, one should always be careful with attachments. If someone you don’t know sends you some weird files, trash them. If someone you do know does so, ask them first what it is.

    Just like in real life…