Apple quietly goes after Mac Trojan with update

Apple's latest update to Snow Leopard included software to protect Mac computers from a Trojan. Strangely, Apple didn't mention this fact in its release notes.

The Trojan horse is disguised as iPhoto, but opens a back door on the machine, insecurity outfit Sophos said.

The updated XProtect.plist - Apple's insecurity hit-list file - contains a routine to detect what Apple calls HellRTS. Sophos calls the Trojan OSX/Pinhead-B, and says it's been around for a couple of months now.

The malware opens a back door to a Mac that can allow hackers to gain control of the machine and snoop about on it or turn it into a zombie.

As Sophos notes, "many Mac users seem oblivious to security threats which can run on their computers. And that isn't helped when Apple issues an anti-malware security update like this by stealth, rather than informing the public what it has done."

"You have to wonder," wonders Sophos spokesman Graham Cluley, "whether their keeping quiet about an anti-malware security update like this was for marketing reasons."

Apple hasn't yet deigned to reply to enquiries on the matter.