In the latest update to Snow Leopard, Apple included software to protect Mac computers from a Trojan horse that has been distributed by attackers disguised as iPhoto, but which opens a back door on the machine, security firm Sophos said on Friday.
When Apple released OS X 10.6.4, the company said it addressed certain compatibility issues with VPN connections and other things, but failed to mention anything about adding an anti-malware update.
But buried in the code is an update to the XProtect.plist file, which contains signatures of malware written to target the Mac. The signatures now detect malware dubbed "HellRTS," Graham Clulely of Sophos wrote in a blog post.
HellRTS, which Sophos detects as "OSX/Pinheard-B," is a Trojan that has been around several months. It lets attackers use infected computers to send spam, take screenshots, access files, and pretty much take control of the computer, Sophos said.
"Unfortunately, many Mac users seem oblivious to security threats which can run on their computers. And that isn't helped when Apple issues an anti-malware security update like this by stealth, rather than informing the public what it has done," Clulely writes. "You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons. "Shh! Don't tell folks that we have to protect against malware on Mac OS X!"
Representatives from Apple did not immediately return e-mails seeking comment on Friday afternoon.
reading•Apple quietly adds anti-malware in Snow Leopard update
Jul 22•Apple reveals 70 new emoji for iPhone X, and iCloud has a Big Brother in China
Jul 22•Which Microsoft Surface should I buy?
Jul 21•How to keep pests out of your home
Jul 21•Samsung Galaxy Watch: Rumored specs, price and release date