• Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Phishing
    • Ransomware
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

My AntiSpyware

Free antispyware software, Online Scanners, Instructions on how to remove spyware and malware.

Menu
  • Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Phishing
    • Ransomware
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools
Home › Worms › Leap.A – Worm for Mac OS X

Leap.A – Worm for Mac OS X

Myantispyware team February 18, 2006     No Comment    

Leap.A is a binary file compiled for Mac OS X. It arrives in an archive file, called ‘latestpics.tgz’. When the executable in the archive is opened the virus activates. First it drops an icon resource and an external hook bundle which is used for spreading through iChat.

Spreading through iChat

Leap.A installs a bundle to ‘~/InputManagers/apphook’ that hooks certain iChat functions. When any of the user’s buddies change their status, the worm initiates a file transfer and sends a copy of ‘ ‘latestpics.tgz’. The file transfer is not visible to the user as the worm hides the transfer status information.

File infection

The worm enumerates all applications on the computer that were used during the last month. Leap.A replaces the main executable of those applications with itself and saves the original file to a resource fork with the same filename. When the application is opened the worm activates first, then it runs the original application from the resource fork.

Thanks to F-Secure.

Worms

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

Leave a Reply Cancel reply




New Guides

Your File Is Ready To Download pop-up scam
Your File Is Ready To Download Virus Removal Guide
Muttere.buzz Press Allow Scam
Muttere.buzz Virus Removal Guide
graz.bezil.ru redirect
Graz.bezil.ru pop-up redirect (Virus removal guide)
TickTackSpeedup PUP
How to remove TickTackSpeedup (Quick & Easy) in 2022
YSearches.com redirect
How to get rid of YSearches.com redirect from Chrome, Firefox, IE, Edge

Follow Us

Search

Useful Guides

ads by adware
How to remove Adware from Windows 10 (Virus removal guide)
Best free malware removal tools
Best Free Malware Removal Tools 2020
How to remove browser hijacker virus (Chrome, Firefox, IE, Edge)
How to remove pop-up ads [Chrome, Firefox, IE, Opera, Edge]
Files encrypted by ransomware become useless
How To Recover Encrypted Files (Ransomware file recovery)

Recent Posts

Found DVD disks contains a copy protection mechanism which uses rootkit-like cloaking technology.
Exploit for Vulnerability in Windows Media Player has been released
Adware SE 14.02.2006 update now available
Vulnerability in Windows Media Player Could Allow Remote Code Execution
How to remove AlfaCleaner

MYANTISPYWARE.COM

  • About Us
  • Contact Us
  • Privacy Policy

NEED A HELP ?

If you're seeing unwanted pop-ups or ads in your web-browser, you might have an adware installed on your computer. Use the following guide to stop pop-up ads and remove malicious software. Or ask for help here.

Links

  • Downloads
  • Instructions
  • Questions and Answers
  • Free Malware Removal Tools
Copyright © 2004 - 2022 Myantispyware.com - Free antispyware programs and Spyware Removal Instructions.