Malicious Bundles on OS X

Google’s cached copy from January 25, 2006 of an unbylined article published on, entitled “Malicious Bundles on OS X”. This article is pretty much a how-to guide that could have — and I’m guessing, probably was — used by the author of the recently-released Oompa Loompa Trojan horse. The original URL for the article is now a 404, and the source code examples are not in Google’s cache and, like the article itself, are no longer available at

(Via today’s issue of MDJ, which contained an exemplary feature on the Oompa Loompa saga. If you’ve never tried a trial subscription to MDJ or MWJ, you ought to.)

Monday, 20 February 2006