In the latest update to Snow Leopard, Apple included software to protect Mac computers from a Trojan horse that has been distributed by attackers disguised as iPhoto, but which opens a back door on the machine, security firm Sophos said on Friday.
When Apple released OS X 10.6.4, the company said it addressed certain compatibility issues with VPN connections and other things, but failed to mention anything about adding an anti-malware update.
But buried in the code is an update to the XProtect.plist file, which contains signatures of malware written to target the Mac. The signatures now detect malware dubbed "HellRTS," Graham Clulely of Sophos wrote in a blog post.
HellRTS, which Sophos detects as "OSX/Pinheard-B," is a Trojan that has been around several months. It lets attackers use infected computers to send spam, take screenshots, access files, and pretty much take control of the computer, Sophos said.
"Unfortunately, many Mac users seem oblivious to security threats which can run on their computers. And that isn't helped when Apple issues an anti-malware security update like this by stealth, rather than informing the public what it has done," Clulely writes. "You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons. "Shh! Don't tell folks that we have to protect against malware on Mac OS X!"
Representatives from Apple did not immediately return e-mails seeking comment on Friday afternoon.