Apple sneaks anti-malware update into latest Mac OS X

Apple sneaks anti-malware update into latest Mac OS X
Graham Cluley of the Sophos security firm has written about a hidden change in Mac OS X 10.6.4 that is not mentioned in its release notes. Specifically, Apple included an update to the malware protection built into Mac OS X to protect against a backdoor Trojan the Cupertino-based Mac-maker identifies as "HellRTS".

Sophos has been tracking the same trojan since April as OSX/Pinhead-B. It is distributed by malicious sources as the iPhoto application. The malware can provide a attacker with full access to an infected Mac, allowing for the taking of screenshots, sending spam, reading the clipboard, accessing files and so on.



"Unfortunately, many Mac users seem oblivious to security threats which can run on their computers. And that isn't helped when Apple issues an anti-malware security update like this by stealth, rather than informing the public what it has done," Cluley wrote.

"You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons. 'Shh! Don't tell folks that we have to protect against malware on Mac OS X!'"

Building on that point, Cluley recalled a recent twitter entry from a colleague telling of how he had overheard an Apple Store employee tell potential customers that it was impossible for Macs to be infected with viruses.

"There's a lot less malicious software for Mac computers than Windows PCs, of course, but the fact that so many Mac owners don't take security seriously enough, and haven't bothered installing an anti-virus, might mean they are a soft target for hackers in the future," Cluley writes.

To counter the threat of HellRTS - or OSX/Pinhead-B - Apple added signatures to the XProtect.plist file. "Apple's update to detect "HellRTS" more than doubles the size of the XProtect.plist file from 2.4k to 5.1k. There are still a lot of Mac threats it doesn't protect against," Cluley concludes.

Written by: James Delahunty @ 20 Jun 2010 23:50
Advertisement - News comments available below the ad
  • 5 comments
  • KillerBug

    "There's a lot less malicious software for Mac computers than Windows PCs, of course, but the fact that so many Mac owners don't take security seriously enough, and haven't bothered installing an anti-virus, might mean they are a soft target for hackers in the future," Cluley writes.


    When Apple commercials tell people that Macs cannot get viruses, people don't install virus scanners! Any system can get a virus...even linux has some viruses.

    21.6.2010 03:32 #1

  • dEwMe

    Yeah being virus/maleware proof has been a big selling point over the years. I'm suprised it took them this long to come after Apple but NOTHING is virus proof...

    Just my $0.02,

    dEwMe

    21.6.2010 08:26 #2

  • DXR88

    Since they switched to the x86/x64 Intel platform, its only going to get worse.

    Powered By

    21.6.2010 16:11 #3

  • lupine25

    To be honest, I prefer Apple NOT telling the public about an update until after it's released. Otherwise you have stuff like Microfail did last week... a big security hole in Windows XP found so they publish the hole on their site...BUT NO FIX!!!! Regardless of who "leaked" the security risk, anybody using a Windows XP machine is at risk, thanks to someone who fumbled the issue. (Exploit City, here we come!). Way to go Apple for doing it right! :)

    21.6.2010 19:16 #4

  • IguanaC64

    What does physical architecture have to do with code weaknesses?

    24.6.2010 11:45 #5

© 2024 AfterDawn Oy

Hosted by
Powered by UpCloud