Categories
News Software

Apple quietly installs specific anti-malware code into Mac OS X 10.6.4 update

snowleopard

There’s something to be said for an operating system succeeding and gaining market share: people will make more of an effort to write viruses and malware for it.

Per CNET, Apple’s recent Mac OS X 10.6.4 update includes software to protect Macs from a Trojan horse that has been distributed by attackers disguised as iPhoto, but which opens a back door on the machine, security firm Sophos said on Friday.

When Apple released OS X 10.6.4 on Tuesday, the company said it addressed certain compatibility issues with VPN connections and other things, but failed to mention anything about adding an anti-malware update.
Buried in the code is an update to the XProtect.plist file, which contains signatures of malware written to target the Mac. The signatures now detect malware dubbed “HellRTS,” Graham Clulely of Sophos wrote in a blog post.

HellRTS, which Sophos detects as “OSX/Pinheard-B,” is a Trojan that has been around several months. It lets attackers use infected computers to send spam, take screenshots, access files, and pretty much take control of the computer, Sophos said.

“Unfortunately, many Mac users seem oblivious to security threats which can run on their computers. And that isn’t helped when Apple issues an anti-malware security update like this by stealth, rather than informing the public what it has done,” Clulely writes. “You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons. “Shh! Don’t tell folks that we have to protect against malware on Mac OS X!”

Representatives from Apple have yet to return any requests for comment on the issue.