|Apple quietly inserts anti-malware on Snow Leapord update|
Cnet reports on malware written to target the Mac
Cnet's Elinor Mills reported late yesterday that, "In the latest update to Snow Leopard, Apple included software to protect Mac computers from a Trojan horse that has been distributed by attackers disguised as iPhoto, but which opens a back door on the machine, security firm Sophos said on Friday (June 18, 2010).
|"Unfortunately, many Mac users seem oblivious to security threats which can run on their computers. And that isn't helped when Apple issues an anti-malware security update like this by stealth, rather than informing the public what it has done," Clulely writes. "You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons. "Shh! Don't tell folks that we have to protect against malware on Mac OS X!" [news.cnet.com...] |
The malware goes by the name HellRTS, Mills says.
Here's PC World's take:
|If Sophos' claims are correct, Apple wouldn't be the first OS maker to keep some security fixes secret. Microsoft officials in May admitted that they don't report all the security shortcomings in their software. Redmond's non-disclosure of patches was revealed by Core Security Technologies, which discovered three undocumented fixes in recent Microsoft software upgrades. |
Interestingly, if you go to Sophos' website and look at their security product for Mac, you can "try it for free" but they will not tell you what the software costs. Odd.
I wish there was someone other that people trying to sell something (not that selling something is bad) talking about this. Cnet posted some code on their page showing what Apple had added, so I suppose this is Sophos saying "Told you so."
|Not surprisingly, both Sophos and Intego—each sells Mac security software—dismissed the update. |
Pardon my saying - "Too many people just open files they download and install the program due to negligence or plain stupidity".
If you install the software and enter Admin password - it does not matter how secure your machine is, MS DOS, Windows, UNIX, Mac etc.
That's what the "Trojan Horse" means - pretending to be something else and do the harm.
Although on Mac "out of the box" user installed Trojan can NOT change/delete/harm core system and system files. It's just does not have enough privileges.
Thank you Cnet for the update! From now-on I'll be visiting your website daily!
I have been using a mac since 2002. G3 iBook OS X 10.1. Over the last 8 years I have read all kinds of crazy speculations on why there is so little malware/trojans/viruses for the Mac. At the same time more and more proof that there is malware out there. ClamXAV is the only easy to find and free solution, but OS X 10.6 isn't very well supported. It appears that the ClamAV engine is included in the modern Mac OS. But I am not sure of even this. No mention of it per se from Mac gurus at large, or the Big Apple. BIg fat 50$ manuals for OS X 10.6 offer no advice at all beyond the standard warnings for Windows related problems like Word macros. Everyone always seems in total denial.
The fact is that Macs can pick up malware for Windows and sometimes pass it on. Many such packages show up in OS X as black box shaped icons with the letters 'exe'. Unfortunately, so does much real software. However, I have seen these icons on thumb drives, in peoples Downloads folder etc (where no legitimate executable file would be :). On occasion I have googled for the suspicious files name. It turns up to be a trojan for Windows.
Mac users are supposed to use anti viral software just to stop the spread of it, wether their particular machine is susceptible or not. Hardly anyone ever gets told this though. It is also extremely difficult and tedious to get good solid reliable info on this kind of security issue for Mac.
I just bought a new Macbook Pro running 10.6 "Snow Leopard" and was assured by all that it is pretty much impervious to malware etc. I just refuse to believe this, and am still searching around trying to figure out what to do. Am I supposed to rely on the invisible hand of Apple updates and this legendary secret presence of the dreaded ClamAV engine that is barely whispered about?
Part of the problem with Mac apps is that most of them require you type your system password to allow them to install, for no good reason. Apps which get a system password when installing can get deeper into the system. When OS X came out the idea was that only apps that really *needed* a system password to install would ask for one, but in practice it seems like nearly all of them do. When faced with the password prompt, a user who's unsure about the software has only two choices: Install and worry, or don't install and not get the benefit of the software they wanted to use. I blame Apple in part for putting users in this position. They should be leaning on developers to not have their install programs require a system password when it's not needed.