OS X trojan can wipe Home directory, not a virus says Apple
An OS X trojan horse masquerading as a Microsoft Office 2004 installer can wipe your Home folder, security company Intego has announced.
The AS.MW2004.Trojan is a compiled AppleScript applet, a 108KB self-contained application, whose icon resembles an Office installer. The script runs a Unix command rm that permanently deletes the entire content of the Home directory.
The trojan was discovered in the UK on a Gnutella peer-to-peer network.
Both Apple and Microsoft warned users about the consequences of installing unlicensed, illegally copied software.
Here’s a quick solution posted by my brother Rahul.
If you have a directory with important info (or your home directory) you can create a file in it called “-i” (minus i).
-i means interactive and it fools rm into thinking it was given the -i option in which it prompts the user for yes/no.
Do the following:
1. Launch Terminal. Then at the user prompt type:
2. ls > -i
3. It will create a file named “-i” on your home directory.
4. When anyone does “rm *” the first file picked up will be the “-i”.
5 rm will then prompt the user before deleting.