Apple Malware Blocker Left For Dead?

Nearly six months after Apple added a malware blocker to Mac OS X (Snow Leopard), the feature appears to be collecting cobwebs.Apple has not added any anti-malware signature updates to the XProtect.plist file that launched with antidotes for OSX.RSPlug.A and OSX.Iservice, two known Trojan horse programs targeting Mac OS X users.

Nearly six months after Apple added a malware blocker to Mac OS X (Snow Leopard), the feature appears to be collecting cobwebs.

Apple has not added any anti-malware signature updates to the XProtect.plist file that launched with antidotes for OSX.RSPlug.A and OSX.Iservice, two known Trojan horse programs targeting Mac OS X users.
To be fair, the two signatures flag numerous variants of each Trojan but it’s disappointing that Apple has not seen it fit to expand the signature base to catch the growing list of DNS-Changer threats that specifically target the Mac operating system.

DNS-Changer Trojans are used to change the Mac’s DNS server, a trick used by phishers to load fake Web pages and hijack valuable user data.  They are typically distributed via social engineering tricks or within pirated software on peer-to-peer sites.

With the anti-malware function in Snow Leopard, Mac users were expecting new definitions via the Software Update utility but nothing new has been released in months.

The anti-malware blocker is useful, but somewhat rudimentary.  It only scans files downloaded with a handful of applications (Safari, Mail, iChat, Firefox, Entourage, and a few other Web browsers).

Suggested articles

Discussion

  • Colin on

    Your almost treating it like it's AVG or ClamWin and in fact it's never meant to be anything like that (Apples never advertised it's that), see http://twitter.com/jfroy/status/3542412555

  • Anonymous on

    mac suck

  • parky on

    Im experiencing redirects on some of my search result pages when in firefox to an ave99.com.  Any word on how this can be handled on the Mac?  Thanks in advance.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.