Apple Secretly Updates Mac Malware Protection, Sophos Reveals

IT security and data protection firm, Sophos, discovered that Apple secretly updated the anti-malware protection built into Mac OS X when it released a new version earlier this week.

Although not documented by Apple, Mac OS X 10.6.4 has been updated to provide limited protection against OSX/Pinhead-B (called HellRTS by Apple), a backdoor Trojan which can allow remote hackers to gain control over Mac computers for the purposes of identity theft, spying and the distribution of spam.

Sophos has been detecting OSX/Pinhead-B since April, when the malware was distributed disguised as the popular iPhoto application by malicious hackers. Sophos researchers discovered that Apple updated a file called XProtect.plist - the rudimentary file that contains elementary signatures of a handful of Mac threats to detect ‘HellRTS’.


Published Date: Jun 22, 2010 10:32 am | Updated Date: Jun 22, 2010 10:32 am