Apple sneaks anti-malware update into Snow Leopard
- 19 June, 2010 02:56
- Comments
Ten months after it debuted rudimentary malware scanning in Snow Leopard, Apple this week quietly added a signature for a third piece of malware, security researchers reported today.
According to U.K-based antivirus vendor Sophos and U.S. Mac security company Intego, Mac OS X 10.6.4 , which Apple released this past Tuesday, includes an update to XProtect.
Dubbed that because the malware signatures are contained within Snow Leopard's "XProtect.plist" file, the feature debuted in August 2009 with the launch of Mac OS X 10.6 . At the time, Apple included detection for only two pieces of malware, Trojan horses named "RSPlug.a" and "Iservice" by Symantec.
The 10.6.4 update added a scanning signature for another Trojan, which Symantec has labeled as "HellRTS."
According to Sophos, which calls the same Trojan "OSX/Pinhead-B," and like Symantec has had protection in place since April, hackers have disguised the threat as iPhoto, the photo management software that ships with new Macs. The masquerade is meant to dupe users into installing the backdoor malware.
Apple did not note the change to XProtect's signature list in the release notes for Mac OS X 10.6.4, a fact that Sophos' Graham Cluley found curious.
"You have to wonder whether they're keeping quiet about an anti-malware security update like this ... for marketing reasons," speculated Cluley, a Sophos senior technology consultant, in a post to a company blog . "Shh! Don't tell folks that we have to protect against malware on Mac OS X!"
Computerworld confirmed that detection for HellRTS has been added to XProtect.plist.
Not surprisingly, both Sophos and Intego -- each sells Mac security software -- dismissed the update.
"Although I welcome Apple doing something to reduce the malware problem on Mac OS X, I don't consider it a replacement for real anti- virus software," Cluley asserted.
"So Apple's anti-malware feature now protects against three types of malware," said Intego on its Web site . "Intego's VirusBarrier X6 protects against all known Mac malware."
- Bookmark this page
- Share this article
- Got more on this story? Email TechWorld
- Follow TechWorld on twitter
- Adobe knocks Apple for serving up outdated Flash Player - Computerworld
- Apple adds basic anti-malware to Snow Leopard - Computerworld
- Apple's Snow Leopard - Computerworld
- OSX.HellRTS : Symantec
- Apple Update - Computerworld
- Apple secretly updates Mac malware protection : Graham Cluley's blog
- Malware and Vulnerabilities Topic Center - Computerworld
- The Mac Security Blog » Mac OS X 10.6.4 Update Includes New Malware Definitions
- Data Center Physical Infrastructure: Optimising Business Value
- Securing SOA and Web Services with Oracle Enterprise Gateway
- Look both ways - Protecting your data with content inspection
- New Mobility Requires a New Network Strategy
- HP VirtualSystem VS3 for VMware - Simple, agile, efficient enterprise virtualisation
-
Broadband Forum to improve IPTV performance with new spec
-
Review: FitBit Ultra
-
US man convicted for helping thousands steal Internet service
-
Replicant developer interview: Building a truly free Android
-
Myspace settles FTC privacy complaint
-
Teach Yourself Visually Windows 7
-
Excel 2007 All-In-One Desk Reference for Dummies
-
Computers for Seniors for Dummies, 2nd Edition
-
Microsoft Office
-
Office 2007 All-In-One Desk Reference for Dummies
-
MYOB Software for Dummies 6E Australian Edition
-
Windows 7 for Dummies®
-
Office 2007 for Dummies
-
Windows 7 for Dummies® Dvd+book Bundle
Comments
Post new comment