Sophos: Apple Users Don’t Take Security Seriously

Apple quietly updated a security feature added to Mac OS X last year to protect against a backdoor Trojan known as HellRTS

Apple has quietly slipped an update to the anti-malware security protections in its Mac OS X operating system.

Earlier this week, Apple released Mac OS X 10.6.4 – the latest edition of Snow Leopard – with fixes for more than two dozen security holes. In that release, Apple added a malware signature for a Trojan known as HellRTS to the XProtect.plist file in the Mac.

iPhoto Malware

XProtect was added to the operating system last year. At the time, however, Apple only included detection for two known Mac Trojans. According to Sophos Senior Technology Consultant Graham Cluley, the recent update adds protection for a Trojan that has been distributed by attackers under the guise of iPhoto, the photo application that ships on Mac computers.

“If you did get infected by this malware then hackers would be able to send spam email from your Mac, take screenshots of what you are doing, access your files and clipboard and much more,” he blogged.

Mac Owners Don’t Take Security Seriously

“Unfortunately, many Mac users seem oblivious to security threats which can run on their computers…There’s a lot less malicious software for Mac computers than Windows PCs, of course, but the fact that so many Mac owners don’t take security seriously enough, and haven’t bothered installing an antivirus, might mean they are a soft target for hackers in the future,” Cluley added.

The Mac update that included the additional protection for XProtect also shipped with a vulnerable version of Adobe Flash Player (10.0.45.2). Adobe Systems is advising Mac users who downloaded the update to visit their site and download the latest version of Flash, 10.1.53.64. Those who already have the most current version of Flash installed do not appear to be downgraded by the Apple update, noted Wendy Poland, security response program manager at Adobe.