Apple Takes Aim at Malware Beneath the Radar

[Michael Essany]

Graham Cluley of Sophos updated his blog Friday with a blunt message for many of the Mac users who still "seem oblivious to security threats which can run on their computers." As a result of this unfortunate reality, Apple has stealthily updated Mac OS X’s anti-malware protection conveniently enough through the just-released Mac OS X 10.6.4.

According to Cluley, Apple specifically took aim at updating the malware protection built into Mac OS X to guard against a "backdoor Trojan horse" that could prove a nightmare iMac or MacBook users by letting hackers "send spam email from your computer, take screenshots of what you are doing, access your files and clipboard and much much more."

Nonetheless, Apple didn't publicly utter a word of this update, most likely as a means to keep hackers in the dark on the update. Well, that plan didn't work out as expected since the update has now come to light. Still, beefed-up security was apparently of great concern for Cupertino as more and more nefarious threats surface for our Macs on a surprisingly routine basis. So, without much fanfare, Apple simply updated XProtect.plist, which, as Culely calls it, is the "rudimentary file that contains elementary signatures of a handful of Mac threats" to pick up on HellRTS. For months now HellRTS has been passed out like cupcakes at a birthday party by hackers looking to do damage with their own disguised version of iPhoto.

It's clear that the latest steps taken by Apple to safeguard Macs and their users represent more of a beginning than an end to a process. While there are certainly more threats to Windows PCs thriving in the world today, hackers have not overlooked Macs - not by a long shot. And for that very reason, we can't afford to overlook them either.

Image via Sophos

[screamforme02]

its only going to get worse. so much for no viruses on macs, i guess they cant use that line any more. haha Hi Iam a PC

[CrestonzFin3zT]

im pretty sure they'll find a way to fix it...i mean it is public so im pretty sure apple knows about it and is working on it.

[dq13]

im pretty sure they'll find a way to fix it...i mean it is public so im pretty sure apple knows about it and is working on it.

yeah, they fix it and patch it and whatever, just like in windows... that's why we have antiviruses, because they are already known... but the thing is that they are targeting Macs much more because they are more popular so its only gonna get worse, even if Apple "fix it" they will make a new virus

[ShadowDXDragon]

I tip my hats off to hackers for finally showing up apple fanboys that think their macs are protected by a holy grace and they wont get attacked.

[ggab]

I tip my hats off to hackers for finally showing up apple fanboys that think their macs are protected by a holy grace and they wont get attacked.

True dat.

[iNT3Rv3NTiONZz]

I can't really say much as I'm a windows user and that's a massive fail.. But this is one big "iFail" lol

[cpkirkley]

Two things.

1) I would like to know how on earth Apple pulled off the marketing angle that Macs were virus-proof in the first place.

2) How many people that wanted a computer that "just works" are now trying to figure out how they found themselves in the same boat they thought they had left?

[Robcoffee]

For months now HellRTS has been passed out like cupcakes at a birthday party by hackers looking to do damage with their own disguised version of iPhoto.

You can't blame Apple for malware that osx users are installing themselves, these are not backdoor entry hacks - you have to install the moody software to then have the problem. If you've paid for a Mac then you most likely have the readies to pay for the software to run on it as well - so most likely this is an issue for Hackintosh - Apple are so nice they protect their os hackers from hackers!

[Eagleye]

Two things.

1) I would like to know how on earth Apple pulled off the marketing angle that Macs were virus-proof in the first place.

2) How many people that wanted a computer that "just works" are now trying to figure out how they found themselves in the same boat they thought they had left?

Because Apple could sell a ketchup popsicle to a woman in white gloves!

[dsg]

look at all these windows users coming to gloat, well windows machines still have many issues.

anybody that uses the internet should worry about threats, because thats the world we live in, if you want safe go for a closed system and scan everything you connect to your computer, and even then your not fully safe

[Cer0]

Seems that some people don't fully know how the stuff gets on Macs or how they work. The users are at fault for installing MALWARE, not virus. Unlike windows, which anything can install itself without the user's knowledge, OSX needs the Admin password to install. So the user should understand what they are installing and not just type in the password when it pops up out of nowhere.

Next: OSX is not getting attention more because it is gaining market share. OS9 had a ton of viruses and malware yet it could have only dreamed of having a fraction of the market share OSX now has. (OS9 was before Apple moved to NeXT's OS that uses Unix.)

So as with Windows or OSX it is always best to practice safe usage.

[qumahlin]

@cerote

Exactly. These aren't drive-by download viruses. All of them require the user to execute a malicious program and enter their password...far cry from the typical virus on a windows machine

[hgwellz]

@cerote

Exactly. These aren't drive-by download viruses. All of them require the user to execute a malicious program and enter their password...far cry from the typical virus on a windows machine

Gotta suck to be a windows user.

[jordbrett]

Mac is STILL far more stable than windows and never crashes. I don't care as much about a virus because there is software to combat that or you can pay someone to fix that but the overall general crappiness of windows and crashes I can't deal with.

[vindutch]

If you could install osx on anything but apple hardware. You would have just as many crashes. I don't see how you can gloat on how good osx is when it's only designed to work with apple hardware. Isn't that why we are all here to free our devices. So we are able to do what we want not what apple wants. If I couldn't jailbreak my iPhone or iPad I wouldn't like them as much.

[Cer0]

Mac is STILL far more stable than windows and never crashes. I don't care as much about a virus because there is software to combat that or you can pay someone to fix that but the overall general crappiness of windows and crashes I can't deal with.

I wouldn't say OSX never crashes. I have had a couple crashes before. But they are very, very rare.

Yes it helps that OSX is on the hardware that it is designed for. But I can do what I want with my iMac that I want. Want a new harddrive, easy add it. Want some more memory, easy add any kind that is compatible. Yes Windows uses a mesh of all sorts of hardware. But that is why I like my iMac and this is also why Apple has a great warranty service.

[Antman217]

I've had a mac for about 7 monts now with absolutely no anti-virus/malware and I have had absolutely no viruses or crashes. I used to have a pc which I loved but I had so many anti-virus programs like norton and avg and my computer always found a way to get a virus and eventually i just gave up on it. Now i have a macbook with snowleopard and i also have windows 7 on bootcamp just in case but I rarely boot up in windows.

[domthebigbomb]

You can't blame Apple for malware that osx users are installing themselves, these are not backdoor entry hacks - you have to install the moody software to then have the problem. If you've paid for a Mac then you most likely have the readies to pay for the software to run on it as well - so most likely this is an issue for Hackintosh - Apple are so nice they protect their os hackers from hackers!

Or... u cud be like me a student who received a macbook for a cheap price from a friend...

[iphnblues]

I just wander how long it will be before someone makes a virus that can bypass the admin password anything is possible and nothing is foolproof and I say long live windows and yes I also have a mac and it's nowhere near as good as my custom built win 7 desktop wich I've only spent at the most $600 on and it's specs are better than the $1500 and up macs so suck that