contador web Saltar al contenido

Security expert criticizes Apple for not sharing malware definitions

For a long, long time Mac OS X macOS has a native security system called XProtect. Basically, this is a basic anti-malware layer that is undoubtedly sufficient for the vast majority of people. I would only recommend an installed antivirus if it is one that actually comes out by clicking on everything that goes ahead and / or that usually download files from questionable sources.

In the software industry, it is a well-regarded practice that definitions of malware are shared when they are discovered, because it helps to contain threats and neutralize them more quickly.

According to the security expert Patrick Wardlehowever, Apple has not followed this practice. Analyzing a threat found in a file identified as Meeting_Agenda.zip, he found that only two antivirus providers, Kaspersky and ZoneAlarm, were able to detect the malware (identified as Windshift, with a focus on spying on users in the Middle East).

So far, there is not very unusual. The question that Wardle noted that Apple was already aware of the threat, as it blocked in XProtect all certificates that allowed the software to run on Macs.

The purpose of Wardle's post was not even to draw much attention to the malware in question, not least because the servers with which they communicated are no longer on the air (that is, there is no risk), but rather to question such behavior. Apple. Sought, the company did not comment on the case.

via Ars Technica