Mac shoot-em-up zaps your files - but is it game over for common sense?

Filed Under: Apple, Malware

There's something of a brouhaha happening at the moment regarding a Mac OS X shoot-em-up arcade game called "Lose/Lose".

The Galaga-like video game was first brought to my attention by Methusela Cebrian Ferrer over on the iThreats blog at the end of October (although it was being reported in the gaming press for at least a month before that).

Methusela advised users who saw the opening screen to immediately quit by pressing CMD+Q, before the game held true to its promise and began to delete your files.

Lose Lose warning screen

Because that's exactly what it does. While you're having fun zapping aliens it (quite openly) deletes files from your Mac hard drive.

Lose Lose screenshot

For us the choice was simple - the program was malicious (even if it did announce its intention), and it wasn't the kind of thing that our customers would want on their networks. So, as soon as the guys in our labs stopped trying to get on the high score chart, Sophos wrote detection for it as OSX/LoseGame-A at the end of last month.

Yesterday, though, a press release from Symantec (which they call OSX.Loosemaque) about the game stirred the media into a small frenzy. To my mind their pitch to the media downplayed the fact that the program announces what it is going to do in advance and that for anyone to be hit by it they would need to knowingly download it from the author's website (where he is equally upfront about what it does).

Should we detect it? Yes, of that I'm certain.

But there are a lot more serious Mac OS X malware threats out there than this - take the flood of bogus codecs planted on websites for instance. Focusing on a quirky piece of malware like this might just play into the hands of those who want to believe that the computer security industry is so desperate to hype up the Mac OS X threat that it will scrape the barrel with pathetic examples like this.

, , ,

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.