6:25 AM - Mac OS X Worm?
An anonymous security researcher has claimed to create a Mac Worm for OS X. The worm uses mDNSresponder as the attack vector. For people unfamiliar with that software, it is effectively Bonjour (aka Rendevouz). What I find interesting about this article is that it does not explore the attack vector on other operating systems. Apple open sourced mdnsresponder. It is in the FreeBSD and MidnightBSD ports system and was previously used as an optional feature for many open source projects including KDE. The open source community has created an alternative package named avahi (sp?) that is under a better license than Apple's open source terms. The FreeBSD project has encouraged use of this code instead for many of their ports.
However, Bonjour is available on Windows. iTunes uses it and Apple has shipped it for printer sharing with their wireless routers for some time. The software runs as root on OS X. Presuming there is code reuse with the windows counterpart, this worm could effect many operating systems.
There is a catch though. This service is limited to your local network. It will not traverse the internet. (local subnet) So if I execute the worm at home, it could only infect/attack my other machines but could not go after people in the outside. One caveat is if you use public wireless networks. You could get infected at a coffee shop, work or a university and bring it home to trash your home Mac or PC as well
http://arstechnica.com/journals/apple.ars/2007/07/17/anonymous-blogger-claims-proof-of-concept-mac-worm