Peter Ferrie
Virus Bulletin, January 2007, pp. 4-5
ISSN 0956-9979
January 2007
Download PDF (57.99Kb) (You need to be registered on forum)On 31 October 2006 we received a sample of the first parasitic infector of Mach-O files, OSX/Macarena. The file had previously been uploaded to a popular VX site. In contrast to OSX/Leap, which relied on a resource fork to contain the virus code, Macarena understands the Mach-O file format sufficiently well to parse the necessary structures correctly and inject its code directly into a file.