Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

New Variant of 'Mac Defender' Quickly Evades Apple's Security Update as Cat-and-Mouse Game Begins

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
63,515
30,790



macdefender_dialog_box.jpg



As we noted yesterday, Apple released Security Update 2011-003 for Mac OS X Snow Leopard, a system update addressing the "Mac Defender" malware threat that has been running in the wild under several different variants for the past month. The update provides tools for automatically removing the malware, as well as protection against future infections. But as reported by ZDNet, a new variant of the malware capable of circumventing Apple's update has already appeared. popping up within hours of Apple's software release.
Hours after Apple released this update and the initial set of definitions, a new variation of Mac Defender is in the wild. This one has a new name, Mdinstall.pkg, and it has been specifically formulated to skate past Apple's malware-blocking code.

The file has a date and time stamp from last night at 9:24PM Pacific time. That's less than 8 hours after Apple’s security update was released.
Click to expand...
Apple has prepared for this eventuality by including automatic daily updates of malware definitions with the software update, enabling it to quickly deploy protection as new variants and entirely different pieces of malware surface. Consequently, Apple should be able to respond to the new threat relatively quickly, although the speed with which the new variant appeared suggests that those responsible for the malware will not be going away easily.

Article Link: New Variant of 'Mac Defender' Quickly Evades Apple's Security Update as Cat-and-Mouse Game Begins
 
Article Link
https://www.macrumors.com/2011/06/01/new-variant-of-mac-defender-quickly-evades-apples-security-update-as-cat-and-mouse-game-begins/
GFLPraxis

GFLPraxis

macrumors 604
Mar 17, 2004
7,152
460
I'm amazed people are still stupid enough to manually download and run this considering all the press coverage it has received.
 
B

BLACKFRIDAY

macrumors regular
May 23, 2011
224
0
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.
 
Popeye206

Popeye206

macrumors 68040
Sep 6, 2007
3,148
836
NE PA USA
LOL! Funny.... looks like the crooks are hard at work to stir the pot on the Mac side.

Doesn't scare me. I don't install what I don't know. Malware is just annoying.
 
B

BLACKFRIDAY

macrumors regular
May 23, 2011
224
0
GFLPraxis said:
I'm amazed people are still stupid enough to manually download and run this considering all the press coverage it has received.
Click to expand...

I wonder, you'd say the same thing if your mom or dad would have caught up with this.

Not everybody is smart or a genius.
 
laurim

laurim

macrumors 68000
Sep 19, 2003
1,985
970
Minnesota USA
GFLPraxis said:
I'm amazed people are still stupid enough to manually download and run this considering all the press coverage it has received.
Click to expand...

I'm amazed people have nothing better to do than create viruses and malware all day. Imagine what could be achieved if people used their time and skills to do something useful for society. Hope they goof up, get traced and held accountable.
 
chrono1081

chrono1081

macrumors G3
Jan 26, 2008
8,453
4,158
Isla Nublar
BLACKFRIDAY said:
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.
Click to expand...

Nice troll attempt. If MS was serious about security they would start by removing the registry.
 
Dr McKay

Dr McKay

macrumors 68040
Aug 11, 2010
3,430
57
Kirkland
GFLPraxis said:
I'm amazed people are still stupid enough to manually download and run this considering all the press coverage it has received.
Click to expand...

Most of this news is on tech orientated sites, the average consumer base likely to fall for this software most likely aren't going to visit these sites.


chrono1081 said:
Nice troll attempt. If MS was serious about security they would start by removing the registry.
Click to expand...

Stating Microsoft take security seriously is a troll attempt? And what do you have against the registry, I'd prefer an easily searchable central registry of files rather than a million .ini files scattered the length and breadth of my hard drive.
 
ten-oak-druid

ten-oak-druid

macrumors 68000
Jan 11, 2010
1,980
0
Well hopefully the cat and mouse game leads to clues to finding who actually is behind the malware.

We need a survey asking people who actually run this thing if they:
A. Have always been Mac OS users.
B. Have converted from Windows OS.
 
B

BLACKFRIDAY

macrumors regular
May 23, 2011
224
0
chrono1081 said:
Nice troll attempt. If MS was serious about security they would start by removing the registry.
Click to expand...

Troll?

:(

I use Windows 7 for some of my work. My main machines are OS X and SunOS.

What I am trying to say that MS has showed a lot of effort on the security side which Apple has not, yet.

If you think I'm wrong, fine. But I don't see how I am biased towards Microsoft in this regard.
 
J

.Joel

macrumors member
May 10, 2005
93
39
BLACKFRIDAY said:
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.
Click to expand...

This would have to be the dumbest, most ignorant post I have read all week on here. Apple has addressed the first instance, and is now doing rolling updates pushing them straight through to your Mac to update the malware/virus definitions.

"Join date May 2011" next to your name tells me everything I need to know. Just another late comer who thinks he knows everything. I'm sure you will concoct some story as ignorant as your statement above.
 
S

segfaultdotorg

macrumors 65816
Jan 25, 2007
1,120
1,320
I guess it's time for Apple to catch up to Microsoft by including Microsoft Security Essentials on OS X.
 
Popeye206

Popeye206

macrumors 68040
Sep 6, 2007
3,148
836
NE PA USA
BLACKFRIDAY said:
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.
Click to expand...

The thing is, Malware is user initiated. Unless MS, Apple or whoever knows about a specific threat, you can't stop someone from offering a user the opportunity to download something. If they say yes, they invite the crooks in. Viruses is another story. These have to go around security in the OS to install themselves and extract information or change system settings to cause harm. Obviously the second is way more dangerous because you don't see it coming.

I only point this out because what the heck is Apple suppose to do any different? If you don't know what to not allow, or look for, you can't stop someone from wanting to install software.
 
I

i.mac

macrumors 6502a
Dec 14, 2007
996
247
Popeye206 said:
LOL! Funny.... looks like the crooks are hard at work to stir the pot on the Mac side.

Doesn't scare me. I don't install what I don't know. Malware is just annoying.
Click to expand...

Makes you wonder if nokia/ms are behind this! :)
 
K

kerryb

macrumors regular
Sep 14, 2003
139
0
BLACKFRIDAY said:
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.
Click to expand...

How can you even compare the 2 companies' OS's? Microsoft has had to plug the Swiss cheese Windows due to a shabby legacy code. Unix (Mac OS X) has always been more secure than DOS, it was designed as a network OS unlike DOS.

I'm surprised the police cannot track the perps in this case considering the credit card info taken from its victims, then again there might be a huge well funded organization behind most kinds of phishing and malware.
 
T

Themaeds

macrumors regular
Feb 4, 2011
174
0
BLACKFRIDAY said:
Troll?

:(

I use Windows 7 for some of my work. My main machines are OS X and SunOS.

What I am trying to say that MS has showed a lot of effort on the security side which Apple has not, yet.

If you think I'm wrong, fine. But I don't see how I am biased towards Microsoft in this regard.
Click to expand...

You provided a well written opposing view point. You are obviously a troll

*Sarcasm alert
 
J

juicedropsdeuce

macrumors 6502
Jun 23, 2010
327
0
Apple has no incentive to take this threat seriously. They will use it to leverage people into only using the App Store. It will prepare people for the merging of iOS and Mac OS.
 
Žalgiris

Žalgiris

macrumors 6502a
Aug 3, 2010
934
0
Lithuania
BLACKFRIDAY said:
I wonder, you'd say the same thing if your mom or dad would have caught up with this.

Not everybody is smart or a genius.
Click to expand...

I doubt that one needs to be very smart or a genius. If something happens what you didn't do or didn't want to do better click 'Cance/No/Deny'
 
L

Luis Ortega

macrumors 65816
May 10, 2007
1,138
328
GFLPraxis said:
I'm amazed people are still stupid enough to manually download and run this considering all the press coverage it has received.
Click to expand...

That's not what's happening.
At work, for the past two days, several times a day when I open Safari and go to a site like the drudge report, the screen gets taken over by the malware attack and fake scan and it won't allow you to click cancel or navigate elsewhere.
You can only accept the download or shut down Safari and try again.
I found 18 downloads of the malware file in my downloads folder and I never accepted any download. Naturally, I deleted them all, but if the open downloads button had been ticked in Safari, it would have been a disaster.
This is a strong attack that could easily hurt some less computer-capable people.
 
B

BLACKFRIDAY

macrumors regular
May 23, 2011
224
0
Joel Theodore said:
This would have to be the dumbest, most ignorant post I have read all week on here. Apple has addressed the first instance, and is now doing rolling updates pushing them straight through to your Mac to update the malware/virus definitions.

"Join date May 2011" next to your name tells me everything I need to know. Just another late comer who thinks he knows everything. I'm sure you will concoct some story as ignorant as your statement above.
Click to expand...

And you are a newbie?

I may be a late comer but I do have a life like most others and haven't been able to get an account and chat with you all.

I am 39 years old; that does not mean I am new to Apple or their products.

Suddenly, when I have an opinion against Apple, I am wrong? I think, they are not as serious about security as Microsoft are. Simple.

I maybe wrong, but that's how I feel.
 
BaldiMac

BaldiMac

macrumors G3
Jan 24, 2008
8,760
10,889
BLACKFRIDAY said:
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.
Click to expand...

What is Microsoft doing that Apple is not that would currently prevent a Mac Defender type attack? Daily definition updates of an anti-malware scanner is the most appropriate strategy. Outside of preventing the user from installing unapproved applications, I'm not sure what else you can do.
 
Menge

Menge

macrumors 6502a
Dec 22, 2008
611
3
Amsterdam
Aw, crap. This kind of sucks. I wonder if Apple's just going to update the definitions or actually look at a different solution.
 
Popeye206

Popeye206

macrumors 68040
Sep 6, 2007
3,148
836
NE PA USA
i.mac said:
Makes you wonder if nokia/ms are behind this! :)
Click to expand...

LOL!

I've always wondered is the Virus protection companies aren't the ones that hire suspect engineers from places like Russia to keep the need for them rolling. Wouldn't be too surprising if it was true.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom