They can comfort you, some even try
Leap-A is a... let's call it a "program" for now... which you can probably find by looking for "screenshots of OS 10.5 Leopard". If you find it, and if you download it, and if you open it, and if you type in your admin password to install it, well, you got it, whatever it is. The program will then open up your iChat (an Apple program which uses the AOL Instant Messenger network) and send itself to all your AIM buddies. (So another way to get it is by clicking a link you get when somebody you know IMs you. I can't find the text of that IM, but I bet it's along the lines of "Hey check it out http://www.badsoftware.com/screwupyourcomputer/becauseyouranidiot/latestpics.tgz")
Some of the Faithful, having drunk the Cupertino Kool-Aid, are sending up a hue and cry that this is not a "virus" because it's not truly self-replicating. A virus, they claim, is something which exploits security holes in your system without your knowledge. What this is, they say, is a "trojan horse"... a piece of bad code masquerading as something good.
And perhaps, in the Halls of Power in the computer security world, this is a meaningful distinction. Maybe it requires a different macro-level response. Speaking as essentially a beat cop looking for broken windows, that is a bullshit, moronic, useless and indeed dangerous fine point, once it reaches the end user.
Let me give you my technical assessment: Leap-A is a nuisance crime. It doesn't seem to damage data, destabilize your OS, or eat a particularly high amount of bandwidth. I'm not going to lose sleep over this particular piece of malware. But like a nuisance crime, it's the right place to draw the line.
(There's a side argument here about whether compromising a communications channel constitutes "self-replication". I would argue that it does, but that's not the point.)
What makes me lose sleep is so-called "experts" who use this as an opportunity to trumpet their "Macs don't get viruses" speech. To the average computer user, all malware is lumped into one big category, which they usually call "viruses." So when a Very Informed Expert says that there are "no Mac viruses", what the world hears is that "Macs are immune to viruses, spyware, bad code, and hacking."
I know it's not what you said, Mister Expert Man, but that doesn't matter. The message actually received was "buy a Mac and stop thinking about security."
Don't get me wrong: I love my Mac. I believe it's a more elegant operating system than Windows. I wish more people used them because it would, in fact, make my job easier. I assert that OS X is actually built on a more secure set of assumptions than Windows, and that protects Mac users from the dominant malware paradigms currently in use. The average user can trust a Mac more than a PC. You should get one.
And the point is the "average user." Apple has to aim at the mass market. It can't survive as a public company if it only caters to the pointy-headed hobbyist crowd (the people who care enough to argue about "viruses" vs. "trojan horses"). That means that we have to debunk this stereotype that Mac users are somehow more virtuous, more intelligent, and better looking than PC users. (Of course, some are, like Lemming. Just not the whole group.)
PC users will go through an amazing amount of hassle to download bad apps they shouldn't. I've seen it. It is irresponsible folly to pretend that somehow you "Think Different" just because you go to the Apple Store. If we continue down this road, we will eventually have a massive outbreak of Mac (or, I predict, cross-platform) hacking. And the beat cops like me are going to have to clean up that stupid political mess.
Joe's security recommendation: whatever platform you use, never click a link or download a file through IM until your correspondent can pass a Turing Test. And update your virus definitions.