Apple Arms Snow Leopard with Mac Malware Detection, Reports Say

 
 
By Brian Prince  |  Posted 2009-08-26
 
 
 

It appears Apple has bolstered Snow Leopard with some new spots to enhance security.

 

In this case, Apple has apparently added a new malware scanner to analyze downloads for malicious content. Apple did not return a request for comment on the feature, which has understandably caught the attention of security companies.

  

"We're naturally curious about this feature, and about how thorough it is," Peter James, global spokesperson for Mac security firm Intego, wrote on the company's blog.

 

Intego posted a picture of the feature at work on its blog detecting a download made via Safari that contained a version of the RSPlug Trojan in a downloaded disk image.

 

In a report today, The Register cited an analysis of a corresponding preferences file called XProtect.plist and interviews with people who tested Snow Leopard. According to the report, the feature appears to check for just two known Mac Trojans. It also reportedly flags those files only if they are downloaded from the Web via Safari, iChat, Entourage and a handful of other applications.

 

If the reports are accurate, the feature will be included in the new version of Mac OS X scheduled to be released Aug. 28.

 

Security is always a contentious topic when it comes to Mac, due to debates about whether the lack of security threats for Mac when compared to Microsoft Windows is the result of better security or lower market share. Regardless, there is evidence attackers are paying more attention to Mac. Earlier this year, for example, malware authors tried to build arguably the first known Mac botnet. Meanwhile, security researchers have shown repeatedly that the system's security can be beaten.

 

Graham Cluley, senior technology consultant at Sophos, called the anti-malware feature an interesting step for Apple, since Apple's marketing machine has continuously sought to present the Mac as immune to security threats.

 

"If the reports are true - it will be interesting to find out what anti-virus engine Apple is using under the hood, and see how it compares to some of the commercial anti-virus solutions for Mac that exist," blogged Cluley.

 

 

 

Rocket Fuel