Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Investigating 'MACDefender' Malware, Support Staff Barred From Assisting Customers
- Thread starter MacRumors
- Start date
- Sort by reaction score
Hey Aiden,
I just posted my first troll on WinRumors. It was EPIC!
Edit: Sorry, my post is rude. I apologize.
Last edited:
Probably because they are still single digits in market share. But keep believing the every two yesr mantra and you might convince othersas you have yourself. I guess all the good spyware is first party anyways........ feel free to insert your rant about google
Name calling
Stop calling names and pigeon-holing people as ignorant, stupid, etc. There is no distinction between Windows users and Mac users in the I.Q. department. A whole range of people use computers, and most of them use one for the same reason they use a television or Cuisinart: to get something done. Most people are not techies. Watch Tonight Shows old "JayWalking" skits to confirm this.
Now for my important comment: Who is Sam Jackson? From wikipedia:
Samuel Jackson may also refer to
* Samuel D. Jackson (18951951), U.S. Senator from Indiana
* Samuel P. Jackson (18181885), American organist and composer
* Samuel Jackson (artist) (17841869), English artist
* Samuel Jackson (cricketer) (18591941), English cricketer
* Samuel Jacob Jackson (18481942), Manitoba politician
* Sammy Jackson (19371995), American actor
* Sam Jackson (baseball) (18491930), baseball player
* Sam Peter Jackson (born 1978), playwright and actor
* Samuel Macauley Jackson (18511912), American clergyman, editor and author
I guess I am "ignorant" of pop culture.
Stop calling names and pigeon-holing people as ignorant, stupid, etc. There is no distinction between Windows users and Mac users in the I.Q. department. A whole range of people use computers, and most of them use one for the same reason they use a television or Cuisinart: to get something done. Most people are not techies. Watch Tonight Shows old "JayWalking" skits to confirm this.
Now for my important comment: Who is Sam Jackson? From wikipedia:
Samuel Jackson may also refer to
* Samuel D. Jackson (18951951), U.S. Senator from Indiana
* Samuel P. Jackson (18181885), American organist and composer
* Samuel Jackson (artist) (17841869), English artist
* Samuel Jackson (cricketer) (18591941), English cricketer
* Samuel Jacob Jackson (18481942), Manitoba politician
* Sammy Jackson (19371995), American actor
* Sam Jackson (baseball) (18491930), baseball player
* Sam Peter Jackson (born 1978), playwright and actor
* Samuel Macauley Jackson (18511912), American clergyman, editor and author
I guess I am "ignorant" of pop culture.
You're right. I missed his use of a plural where he meant to use a possessive. I'm a better writer than editor.
358 posts in and your still trying to educate the masses.
Fair play mate. You're one of the few people i actually respect here!
Wow!
Wow! My Dad just bought a new Macbook Pro, and I helped him transfer all his old stuff over using Migration Assistant (the place he bought it from wanted $130! Rip Off!). I then left home (I live in Japan) and he was complaining about this MacDefender Thing that kept asking him to download it and pay for it and stuff. I just told him I had no idea what it was! But he contacted Comcast and they helped him delete it (they said it was a virus). And now he couldn't be happier with the computer (he had an ancient G5 tower!). Cool to see that Apple knows about this and is hopefully going to do something about it!
Wow! My Dad just bought a new Macbook Pro, and I helped him transfer all his old stuff over using Migration Assistant (the place he bought it from wanted $130! Rip Off!). I then left home (I live in Japan) and he was complaining about this MacDefender Thing that kept asking him to download it and pay for it and stuff. I just told him I had no idea what it was! But he contacted Comcast and they helped him delete it (they said it was a virus). And now he couldn't be happier with the computer (he had an ancient G5 tower!). Cool to see that Apple knows about this and is hopefully going to do something about it!
I actually came across this a week or so back, totally by accident while doing a google search. Fake "finder" window inside my browser, lots of flashing warnings saying my disk is infected, and a very convincing osx-style popup window that I couldn't drag out of the browser. And a .dmg file automatically downloading in the background.
That's not going to fool me, and I'm certainly not going to run an installer and hand over my password. But it would fool a whole lot of people, and I suspect if that one is successful a lot more will follow it. The model on windows lately is to make a kit where you can add features to the malware easily, for different infection methods and ways of spreading / making money. It'd make sense on the mac too - how many macs are fully patched up? All the ones that aren't are vulnerable. And how many have the latest flash player, web browser, quicktime and so on?
It's not hard to see this getting a lot more nasty in the near future. Doesn't mean it'll happen, but it's wise to keep everything up to date and make sure you and your friends are aware of nasty tricks like fake security software.
That's not going to fool me, and I'm certainly not going to run an installer and hand over my password. But it would fool a whole lot of people, and I suspect if that one is successful a lot more will follow it. The model on windows lately is to make a kit where you can add features to the malware easily, for different infection methods and ways of spreading / making money. It'd make sense on the mac too - how many macs are fully patched up? All the ones that aren't are vulnerable. And how many have the latest flash player, web browser, quicktime and so on?
It's not hard to see this getting a lot more nasty in the near future. Doesn't mean it'll happen, but it's wise to keep everything up to date and make sure you and your friends are aware of nasty tricks like fake security software.
Given OSX itself pops up "Software Updates" regularly (unless you disable it) which always ask for your password (as do other things from Perian to Adobe Flash), it's not that hard for me to understand why some people who just use Macs for utility might be fooled by something like that. The whole reason people make those and other phishing type attempts to look legitimate (the PayPal type scams got a lot of easy catches) is to fool you. Now we can call people who fall for it 'fools', but it doesn't change the fact that a large percentage of Mac users (and of course Windows users) fall for this sort of thing regardless of name-calling.
I know in Windows I like the Firefox plugin for AVG that tells me of known bad web sites on Google searches so I can avoid them period. I cannot know every bad site when looking for information, but other people can and do catalog them. Even if it's not a risk for OSX, why visit a site that is known to try to harm computers? You never know; some day it might be dangerous for OSX as well.
I know in Windows I like the Firefox plugin for AVG that tells me of known bad web sites on Google searches so I can avoid them period. I cannot know every bad site when looking for information, but other people can and do catalog them. Even if it's not a risk for OSX, why visit a site that is known to try to harm computers? You never know; some day it might be dangerous for OSX as well.
What type of account do you use? I can't remember the last time Software Update asked for password authentication.
The Mac OS X Software Update usually asks for the admin password, even when running on an admin account.
It's an admin account. I'm the only user. It asks every time I install something with software update on all three of my computers using OSX.
What version of OS X? SL doesn't ask for password if the update is done using "Software Update." It does require authentication to update using a dmg.
Edit: I think version updates (i.e. 10.6.6 -> 10.6.7) and any other update that requires a restart prompts for password authentication. Small updates do not, if I remember correctly. I know the update behavior changed in SL.
Last edited:
10.6.7
It may be just for restarts (hadn't noticed), but IMO, that's 'most' of the time. But then I tend to leave auto updates off (or if not the machine is off so it doesn't see it as often, leaving more to update at a time).
I am finding mixed information about this. Some sources state no password even for major updates.
Apparently, this is because Apple implemented code signing for updates performed using System Update in Snow Leopard.
Maybe it depends on whether or not users performed a clean install versus an upgrade from Leopard.
As you suggested, maybe it is due to the interval between updating. Those that wait to update until reboot required or do not update regularly may notice always needing to provide a password.
It was a clean install on my Netbook and it still wants the password (MBP was an upgrade). I'll have to pay attention the next time I have an update that doesn't need a reboot to see if it asks for the password there, though.
I think that people who fell for this deserve to be infected. OS X is specifically set up so that any such changes need explicit authorization just so no software can self execute itself I assume. But if people are willing to install anything that pops up.. then no amount of security will save them.
Whilst no OS is bulletproof, the only time I've heard of a mac needing an anti-virus is when it's part of a Windows network and is therefore passing along data for use on Windows machines and therefore the anti-virus weeds out infected windows files to as to not infect others.
Whilst no OS is bulletproof, the only time I've heard of a mac needing an anti-virus is when it's part of a Windows network and is therefore passing along data for use on Windows machines and therefore the anti-virus weeds out infected windows files to as to not infect others.
And I think that people who think people deserve to be infected deserve to be infected.
Like Windows doesn't have the same thing on it.
The point is OSX now asks you if you want to run anything you've dowloaded off the Internet. That's enough to make anyone feel a little paranoid after awhile. As I've already pointed out, several programs (from Flash to Perian to Software Update and some others as well) ask for the admin password to install. All it takes is one web site hack to a well known app to go unnoticed for a few weeks and even the smartest user could be fooled into installing a trojan. But they deserved it so frak'em.
Like Windows doesn't have the same thing on it.
Actually, the implementation of DAC in Windows XP admin accounts, which is the default account created and the most used account type, does not provide this level of control to the user. Only a remote exploit is required to achieve system level access to install rootkits that bypass user space security mechanisms. Windows XP is still holds a majority of the global market share.
Newer version of Windows, such as Vista/7, have a high incidence rate of privilege escalation vulnerabilities that allow bypassing UAC. Many of these vulnerabilities have been used in exploits in the wild, such as Tigger/Syzor and Stuxnet. Generally, it is the Windows registry that provides a reliable vector to link local exploits to remote exploits.
Mac OS X does not have an example of this type of exploitation in malware in the wild neither does it have a system to store setting including settings for kernel space components that can be leveraged to gain privileges like the Windows registry.
And, your point is ...? It also checks those items against a list in XProtect via File Quarantine to warn users about most of the known threats to OS X, much like AV software. Of course, like AV software this is not 100% effective. It is not a replacement for applying user knowledge.
Perian, by default, installs only for the current user. It does not require authentication to install or update unless it is installed for all users.
As of Snow Leopard, most updates do not require authentication if you install every update soon after it is available. This is because the updates through Software Update are code signed. Software Update makes it very easy to stay up to date in this manner.
Most installers and updaters, including the Sparkle framework used by most third party software for Macs, verify MD5 checksums before completing an installation or update. The specific purpose of MD5 checksum verification is to prevent this type of attack.
Last edited:
Well, at least it is not so different than other malware. I was worried about it when I read the headline.