Apple adds malware blocker in Snow Leopard

Apple has quietly added a new Snow Leopard feature to scan software downloads for malware, a no-brainer move that coincides with a noticeable spike in malicious files embedded in pirated copies of Mac-specific software.

[SEE: iBotnet: Researchers find signs of zombie Macs ]

The malware blocker, first spotted by the folks at Intego, appears to be scanning installation packages for signs of known Mac malware.

In the screenshot below, the anti-virus flagged a malicious filed called "OSX.RSPlug.A," which is a DNS changer Trojan horse that runs on Mac OS X and changes the DNS settings on the compromised computer.

[ SEE: Mac OS X Malware found in pirated Apple iWork 09 ]

It is not yet clear how Apple is handling the package scans for signs of malicious software.

I have confirmed that Apple is not using the open-source ClamAV engine to handle these scans so it's likely the company has entered into an agreement with a commercial anti-virus company.

This isn't the first official acknowledgment from Apple that the Mac operating system may be susceptible to malware.  This Web page on Mac OS X security actually recommends the use of third-party anti-virus software to get "additional protection."