Apple security checks may miss iWorm malware
Apple’s security technologies for Mac OS X may still miss iWorm, a piece of malware discovered in late September that infected thousands of computers.
Apple released an update for its XProtect antivirus engine to detect iWorm, but the update only detects when iWorm’s installer is launched, which is a one-time operation, said Patrick Wardle, director of research with Synack, a computer security company based in Redwood City, California. He wrote a paper describing his findings.
It means that computers already infected with iWorm before the update would still be compromised.