Apple never said OS X was invulnerable to viruses. Well, not in so many words.
It’s just one of those things that the media-hungry but security-disinterested public has turned into an axiom.
But now that OS X is garnering an increased share of the operating system market, its value as a platform for malware is increasing, and consequently so is its value in the software security market.
The built-in security measures that have existed since Tiger (OS X 10.4) have been brought to a position of much greater prominence in Snow Leopard (OS X 10.6). This week, there has been a considerable amount of discussion about two invisible anti-malware mechanisms that pop up any time certain Mac viruses are found (OSX/Puper, OSX/IWService).
Security software company McAfee Avert Labs’ Craig Schmugar pointed out that “the growth rate of malware (notably PC malware) is partly due to the success of defenses; the bad guys react and pump out more and more malware in an effort to circumvent those defenses. Apple’s inclusion of malware identification into the OS could certainly be a catalyst for a more intense game of cat and mouse with virus authors, an ironic scenario should this come about.”
Also, security company Trend Micro reports that the release of Snow Leopard has brought out a number of malicious Web sites where OS X mountable Disk Images (.DMG) with malicious Install Operation scripts are being spread. Trend Micro researcher Ivan Macalintal found the most recent variant of this common malware last Sunday.
“The said downloaded script resets the DNS configuration of the affected system and adds two new IP addresses as the DNS server. As a result, users may be redirected to phishing sites or sites where other malware may be downloaded,” says Trend Micro’s threat definition.