Is Apple Opening a Can of Worms?
Thursday August 27, 2009 at 9:18 am CST
Posted by Craig Schmugar
It has now been widely reported that Apple’s latest operating system, Snow Leopard contains the ability to identify two families of Mac malware–OSX/Puper and OSX/IWService–when the infectious DMG files are downloaded and mounted as part of the infection process.
There are a number of ramifications of such a move that could be discussed, but the intention of this post is to call out the possibility of this being a catalyst for more Mac malware to be created.
As previous noted on our blog, the growth rate of malware (notably PC malware) is partly due to the success of defenses; the bad guys react and pump out more and more malware in an effort to circumvent those defenses. Apple’s inclusion of malware identification into the OS could certainly be a catalyst for a more intense game of cat and mouse with virus authors, an ironic scenario should this come about.
September 3rd, 2009 at 06:37
[...] de veste attire quelques remarques sarcastiques de la part de la communauté sécurité. L’Avert Lab se demande si, en admettant sa vulnérabilité et en brandissant officiellement un bouclier, Apple ne serait [...]
September 8th, 2009 at 04:38
I agree completely. Mac malware to date has been completely unsophisticated. Yet, Puper.A is all over the Internet. I believe this is largely due to the lack of AV adoption by Mac users. The malicious code authors had no need for sophistication. This move by Apple may force the issue of evolution in Mac malware. Also, the “malware detection” built into the Snow Leopard appears to be a very weak signature detection built into the installer which puts the protection into the “band-aid” category at best. Not necessarily faulting Apple because they had to stop the bleeding but I would have preferred Apple to come out with a strong recommendation that their users install a real AV solution.