Mac scareware gang evades Apple's new anti-malware defenses

01.06.2011

It's different enough that Apple's MacDefender signature wasn't able to spot the new version.

"This is why you need detection that's not based on a single method," James argued, as he pitched Intego's VirusBarrier X6 antivirus software, which, like most security software, uses generic signatures able to detect minor variations in malware code without requiring a new fingerprint.

The update that Apple pushed to Snow Leopard users Tuesday also increased the frequency with which the operating system checks for new definitions: by default, Mac OS X 10.6 will now look for new malware signatures daily.

How fast Apple reacts to the new MacDefender will show the company's commitment to stamping out scareware, said James.

"We don't know how reactive Apple will be," said James. "This will be the real litmus test.... How long is it going to take Apple to update [Snow Leopard with] a new signature?"