Apple last week released a Mac OS X 10.6.4 update that quietly “updated the malware protection built into” the OS.
Although there is no mention of it that we could find in Apple’s release notes for Mac OS X 10.6.4, or the accompanying security bulletin, Apple has updated XProtect.plist – the rudimentary file that contains elementary signatures of a handful of Mac threats – to detect what they call HellRTS.
HellRTS, which Sophos products have been detecting as OSX/Pinhead-B since April, has been distributed by malicious hackers disguised as iPhoto, the photo application which ships on modern Mac computers.
If you did get infected by this malware then hackers would be able to send spam email from your Mac, take screenshots of what you are doing, access your files and clipboard and much more.
Sopho’s is a company that makes money by selling anti-virus software, so it’s none too shocking that while they welcome the recent OS X update, they still see Apple’s efforts as wanting.
And I’m afraid that although I welcome Apple doing something to reduce the malware problem on Mac OS X, I don’t consider it a replacement for real anti-virus software.
Fair enough, but in the meantime, just don’t go around downloading pirated versions of iPhoto or iWork etc.