In association with heise online

27 August 2009, 15:57

Apple's Snow Leopard OS may include malware protection

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Snow Leopard Mac OS X Snow Leopard, Apple's next major operating system upgrade scheduled to be released tomorrow, supposedly includes rudimentary malware protection, warning users that downloaded files may contain trojans. According to reports, the malware detection in the latest beta only checks for two trojans; RSPlug and iServices.

Originally discovered at the end of 2007, the OSX.RSPlug.A trojan, disguises itself as a video codec and redirects DNS entries to a server controlled by the malware authors. The manipulated DNS entries then redirect browsers to phishing websites for eBay, PayPal and various banks. It also creates a cronjob that checks these settings once a minute and resets them if they have been changed.

At the beginning of 2009, many users downloading and installing copies of iWork 09, Apple's office suite, off of BitTorrent were infected with the OSX.Trojan.iServices.A, which connects to a remote server, possibly providing attackers remote access to a users system and downloading additional components to the infected Mac.

As with most anti-malware software, Apple can easily update and add further signatures through its built-in automatic update tool included with the OS. In its current form, the malware protection only seems to scan files downloaded from the Safari web browser, or files received via or the iChat messaging application. It doesn't appear to be able to scan files on hard drives.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit