Apple adds malware blocker in Snow Leopard
Apple's commercials may give the impression that Macs are virus-free (.mov) but the company isn't taking any chances with the newest Mac OS X refresh.
Apple has quietly added a new Snow Leopard feature to scan software downloads for malware, a no-brainer move that coincides with a noticeable spike in malicious files embedded in pirated copies of Mac-specific software.
[SEE: iBotnet: Researchers find signs of zombie Macs ]
The malware blocker, first spotted by the folks at Intego, appears to be scanning installation packages for signs of known Mac malware.
In the screenshot below, the anti-virus flagged a malicious filed called "OSX.RSPlug.A," which is a DNS changer Trojan horse that runs on Mac OS X and changes the DNS settings on the compromised computer.
[ SEE: Mac OS X Malware found in pirated Apple iWork 09 ]
It is not yet clear how Apple is handling the package scans for signs of malicious software.
I have confirmed that Apple is not using the open-source ClamAV engine to handle these scans so it's likely the company has entered into an agreement with a commercial anti-virus company.
This isn't the first official acknowledgment from Apple that the Mac operating system may be susceptible to malware. This Web page on Mac OS X security actually recommends the use of third-party anti-virus software to get "additional protection."