New Trojan targets the Mac, while Apple finally reaches out to security pros

Some security researchers have long complained that Apple won't take security seriously because doing so would conflict with the company's marketing message that Mac buyers need not worry about being attacked. The discovery of a beta of a Mac-attacking Trojan once again shows Mac invulnerability to be a myth. And in an unrelated move, Apple has reached out to security researchers, showing that it may finally take security seriously.

The security company Sophos says that it's found the beta of a backdoor Trojan targeting the Mac that's "a variant of "a well-known Remote Access Trojan (RAT) for Windows known as darkComet."

The author calls it the 'BlackHole RAT,' strongly implying that plans are to have it masquerade as the legitimate Black Hole security application designed to keep a Mac safe by purging private information such as clipboard data and recent file lists.

Sophos is quick to point out that the Trojan is not yet finished. But the company clearly believes that attacks on the Mac are in the offing. It notes on its blog:

It appears there is a new backdoor Trojan in town and it targets users of Mac OS X. As even the malware itself admits, it is not yet finished, but it could be indicative of more underground programmers taking note of Apple's increasing market share.

Computerworld reports that Sophos researcher Chet Wisniewski has seen another Trojan called HellRTS already in circulation on file-sharing sites used to pirate Mac software.

Apple hasn't responded specifically to these new threats, but there's a major, encouraging sign that it is taking Mac security very seriously, possibly because it now has a big enough market share that malware writers see it as a financially viable target.

The Edible Apple blog reports that Apple is offering security experts free preview versions of OS X 10.7, called Lion, "so that they can take a look at Apple’s new security measures and presumably reach back to Apple with any thoughts, observations, and concerns they might have."

The site reports that Apple sent out the following note to security experts:

"I wanted to let you know that I’ve requested that you be invited to the prerelease seed of Mac OS X Lion, and you should receive an invitation soon. As you have reported Mac OS X security issues in the past, I thought that you might be interested in taking a look at this. It contains several improvements in the area of security countermeasures."

Security researchers so far are pleased that Apple seems to be taking security more seriously than they have in the past. Edible Apple reports that MacBook hacker and security consultant Dino Dai Zov tweeted "This looks to be a step in the direction of opening up a bit and inviting more dialogue with external researchers."

And CNet quotes OS X hacker Charlie Miller saying in an email:

"As far as I know they have never reached out to security researchers in this way. Also, we won't have to pay for it like everybody else. It's not hiring us to do pen-tests of it, but at least it's not total isolation anymore, and at least security crosses their mind now."

That's more than just faint praise --- it appears that Apple may finally accept that security needs to trump marketing.

Copyright © 2011 IDG Communications, Inc.

Shop Tech Products at Amazon