Posts Tagged ‘Mac OS X’

Apple quietly includes malware prevention update in Mac OS X 10.6.4

Friday, June 18th, 2010

Apple silently updated its Snow Leopard malware protection in this week’s Mac OS X 10.6.4 update, targeting a Trojan that disguises itself as iPhoto.

Though the new protection wasn’t specifically listed in any of Apple’s documentation accompanying Mac OS X 10.6.4, security firm Sophos discovered the update in the XProtect.plist file, which contains signatures of potential Mac threats. The new threat, dubbed HellRTS by Apple, has been distributed by hackers since April in the form of iPhoto.

Referred to as OSX/Pinhead-B by Sophos, the Trojan monitors browser activity unbeknownst to Mac users. It also makes a machine remotely accessible to the attacker, who can take complete control of the computer.

“If you did get infected by this malware then hackers would be able to send spam email from your Mac, take screenshots of what you are doing, access your files and clipboard and much more,” said Graham Cluley, senior technology consultant with Sophos.

Cluley took a negative response to Apple’s secrecy, suggesting that the Cupertino, Calif., company should instead make note that the latest update to Snow Leopard helps to thwart a potentially dangerous Trojan.

“You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons,” he wrote on the company’s blog.

Last September, Cluley also made note that users upgrading to Snow Leopard would see their version of Flash for Mac downgraded to an older, less secure version. Apple addressed the issue with an update a week later.
Released last August, Snow Leopard came with a built-in antimalware feature. While the previous version of Mac OS X, Leopard, flagged Internet downloads with metadata that alerted users when downloading files from the Web, Snow Leopard added an additional warning when disk images containing known malware installers are opened.

Apple released its latest update for Snow Leopard, Mac OS X 10.6.4, on Tuesday. The security and maintenance update fixed issues that could cause a Mac keyboard or trackpad to become responsive, and also resolved a problem that could prevent some Adobe Creative Suite 3 applications from opening.

Tags: , ,
Posted in Apple, Mac OS X | No Comments »

Antivirus Firm Warns of New Mac OS X Spyware Application

Tuesday, June 1st, 2010

Antivirus company Intego today announced that it has discovered a new spyware application capable of infecting computers running Mac OS X. The spyware, known as “OSX/OpinionSpy”, is downloaded and installed on users’ computers via the installation process for unrelated applications hosted on several popular download sites.

This spyware, OSX/OpinionSpy, performs a number of malicious actions, from scanning files to recording user activity, as well as sending information about this activity to remote servers and opening a backdoor on infected Macs.

OSX/OpinionSpy is installed by a number of applications and screen savers that are distributed on sites such as MacUpdate, VersionTracker and Softpedia. The spyware itself is not contained in these applications, but is downloaded during the installation process.

According to the report, the installation instructions for the seemingly harmless media converter software and screensavers that serve as the vehicle for the spyware in some cases require the user to accept installation of a “market research” add-on that actually opens a backdoor on the infected computer, scans files, and transmits data to remote servers.

Users have no way of knowing exactly what data is collected and sent to remote servers; such data may include user names, passwords, credit card numbers and more. The risk of this data being collected and used without users’ permission makes this spyware particularly dangerous to users’ privacy.

Full details on the malware’s actions are available on Intego’s site.

OSX/OpinionSpy is a new Mac OS X version of Windows malware that has been floating around since 2008.

Tags: , ,
Posted in Apple, Mac OS X | No Comments »