The Lite Side

'Hammer' Exploits Mac User Vulnerability

- 2006.02.23

There's a new security threat to Macintosh computers circulating around the Internet, dubbed by security experts to be the "Hammer" worm. As usual the mainstream press is trumpeting the security flaw in OS X as the end of an era for Mac users.

What, you haven't heard of "Hammer"? Well, you'll be an expert as soon as you read the Lite Side's

Guide to the Newest Mac Exploits

February 2006: "Hammer," a new security exploit, has been identified by Dr. Norton's All-Purpose Threat Prognosticator as the newest security threat to Our Favorite Platform. Hammer, otherwise known as Louie the Worm or Floppy-ears, is invoked when users read an email from "Louie" that reads as follows:

"Hi, Smuggypants!

I work for a big computer company and I just heard there's a virus on your computer!

It's not really a virus but it's a worm and to stop it you must kill it!

Here is how you kill it: Click here"

Users who click on the embedded link in the email are taken to a web page that shows how to destroy the "infection" using three simple steps:

  1. Get a hammer.
  2. Smash your Mac with it.
  3. Repeat until it stops running. This will kill the worm. Please now email this warning to everyone you know, especially people you don't remember in your address book. "

Investigators claim the email actually came from a joke written by a news website and presented as actual news but supposedly disguised in a humor column. Readers who forwarded the email to each other as a joke apparently reached users who "didn't get it," according to security expert Lance M. Boyle, who works for Systemanic Security Software. "Users are actually pounding the hell out of their computers with a hammer in an effort to rid themselves of this worm, not realizing that the pounding itself is the manifestation of the worm's effectiveness," he said. "And, by the way, it's a worm, not a virus."

This just goes to show the naiveté of the Macintosh user compared to their more sophisticated colleagues, according to unnamed security experts. A Windows user, many feel, would have used a sledgehammer and gotten the job done much more efficiently. Using a hammer may be more convenient and less messy, but it doesn't do the job as effectively as a more mainstream sledge, say Windows users who have fallen prey to the Windows version of this aggressive little worm.

Security experts warn this is just the beginning. Milo Browe, who has evaluated tens of zillions of wormii and virii and Trojan Horsii for the Windows platform, suggests that Mac users are going to be in a situation where history repeats itself very soon now.

"Everyone knows a Windows user who claims never to have ever had a virus or malware on their computer," he says. "The comments section on security articles online are filled with them. Actually, we are pretty sure this is the same guy commenting in all these forums, and for the most part, he's either a liar or an idiot," Browe continued.

"Now we get to have the same sort of idiot posting the same kind of inflammable messages for Mac. Before, they just got to do the old 'Macs are inherently more secure' line in online flame wars. Now they'll get to go through the same mind-numbing set of excuses that Windows users have lived with for years. Of course, this means that the Mac fanboys are going to go down in flames, unable to defend themselves against their naturally more experienced superiors. I'm actually kind of looking forward to it," he concluded.

"By the way,"he added, "it's not a virus, it's a Trojan."

A spokesman for Apple was unable to confirm that any exploits had actually appeared in the wild. "I've tried to get my computer infected for the past 72 hours," said Nancy Bowtie, a tech support research assistant for Apple. "They want me to compromise my machine so they can work on fixing the exploit, but so far, none of my IM buddies have sent me any attachments. It's kind of hard to get infected, even if you want to," she said.

"I'm pretty sure this thing's a virus," she added.

Other worms are in the works, according to USYTBSBA. (Unnamed sources yet to be sued by Apple). Here's a partial list to keep you waiting in suspense:

Shazbot Noogie: This malicious virus reproduces itself to detached aliases and spreads when you accidentally send the alias to a friend instead of an actual file. This one is a virus but everyone tells you it's a worm.

Horsey Set: This email-based attack claims to have pictures of Britney Spears carrying her kid potato-sack style at the Kentucky Derby and running across the track in the middle of the race. Upon opening the file, users see a picture of Britney's mom running across the track in the middle of the race, carrying Britney, which makes the user eject their dinner all over the keyboard. This ejection is definitely virus based. Probably the flu.

Fort Bellow: This virus sends a fake news release about itself to everyone in your address book. "The virus is spread when people read this sentence," it reads. [By the way, you just got infected. Sorry about that. - JA] Also, it's a worm, not a virus.

Smellovision: This exploit starts up Classic and uses so many system resources it makes your processor overheat and smell like a burnt omelet. It's actually not a worm, virus, or Trojan horse. It's just a little program that calls itself "Smellovision" and gets posted on shareware sites because the name sounds so cool.

LITESIDE LUSER: This Trojan horse runs a little hypnosis program that makes you forward a link to this story to everyone you know. This Trojan horse is actually a Trojan horse, not a worm. Or a virus. I think.

Join us on Facebook, follow us on Twitter or Google+, or subscribe to our RSS news feed

Today's Links

Recent Content

About LEM Support Usage Privacy Contact

Custom Search

Follow Low End Mac on Twitter
Join Low End Mac on Facebook

Favorite Sites

Cult of Mac
Shrine of Apple
The Mac Observer
Accelerate Your Mac
The Vintage Mac Museum
Deal Brothers
Mac Driver Museum
JAG's House
System 6 Heaven
System 7 Today
the pickle's Low-End Mac FAQ

The iTunes Store
PC Connection Express
Macgo Blu-ray Player
Parallels Desktop for Mac

Low End Mac's store


Open Link