Apple Investigating 'MACDefender' Malware, Support Staff Barred From Assisting Customers

[Thunderhawks]

Oh yeah, like the thing says "Download Virus Now"! It tricks people into downloading the file by passing itself off as something legit.

Now, as to those who actually open the file and install to see what it is...

Duh.

How do you tell Grandma and young kids not to click on anything?
(I know I do, but.....................)

They usually just want to get rid of all the pop ups and the windows, so they can go on with what they were doing.

If you set up anybody else's computer, make yourself the administrator and don't give them the password.

Install LOG ME IN (Free for up to 5 computers) and whenever they have something that requires installing they need to ask you.

Not a cure all , but it helps

 

[W1MRK]

I wonder what types of sites these people are visiting to get these popups. I have not seen one of these popups yet.

I did a google search last night for Hi Res images of Beaches. I clicked on one that was about 2.3mb 3000X1800 jpeg and when I did the picture appeared and then vanished to the software install of MacDefender. Went right to the install screen. I stopped everything and force quit. Force Quit called it "Installer" Then went and deleted the installer from downloads.

Scary but from what I can tell no damage done

 

[cadillac1234]

A couple of questions mostly because my dad is waiting on delivery on a MacBook Air and he is the target audience for one of these 'malware infections'

a) This only occurs in Safari? y/n

b) Only occurs because the Safari enable 'open safe downloads' box is checked? y/n

c) I use Firefox with adblock so I never have seen this pop up. Is using this setup a fairly good method for a naive, new Mac user?

Thanks

 

[WestonHarvey1]

The level of elitism going in in this thread is disgusting.

I agree.

Doesn't anyone remember the time when your friends and family would call you constantly and you'd have to go over and fix their computers because of all this crap? Then we convinced them to switch to Macs and the calls stopped, completely.

Let's hope we don't start getting those calls again. "Stupid" people deserve a nice computer too, and we deserve our sleep.

 

[*LTD*]

Wirelessly posted (Mozilla/5.0 (iPad; U; CPU OS 4_2 like Mac OS X; en) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C134b Safari/6533.18.5)

I was afraid it was only a matter of time before such things began to appear with the increasing popularity of Macs and Apple products. Thankfully OS X isn't a business system such as Windows (In popularity that is), so hackers may be less inclined to work on hacking it. However, it doesn't mean OS X is 100% safe from anything, no OS can tout such.

The only app I can recommend to help defend against such things is "Little Snitch," not for anti-virus but it keeps a good track of incoming and outgoing requests, whether you want to approve or deny them and until quitting the app or forever. Plus you can modify/add rules.

Begin to appear?

This happens every 2-3 years. It isn't the harbinger of anything. We'll be going through this nonsense all over again in another 2-3 years. We get a new trojan each time.

Sorry, But supplies are limited to 1 per occasion. So collect them all!

 

[Popeye206]

I agree.

Doesn't anyone remember the time when your friends and family would call you constantly and you'd have to go over and fix their computers because of all this crap? Then we convinced them to switch to Macs and the calls stopped, completely.

Let's hope we don't start getting those calls again. "Stupid" people deserve a nice computer too, and we deserve our sleep.

Amen!

With this one, it seems that they've intercepted or infiltrated Google Searches to present the Malware... seems like Google better get on the stick and eliminate this from their searches.

 

[GGJstudios]

a) This only occurs in Safari? y/n

b) Only occurs because the Safari enable 'open safe downloads' box is checked? y/n

The site with the bogus "virus scan" animation will appear, regardless of the browser used. The download of the installer package may occur, as well. AFAIK, only Safari has the option to automatically launch the downloaded file.

c) I use Firefox with adblock so I never have seen this pop up.

It doesn't mean you won't. There are two things that could be perceived as a "pop up": First, the website that looks like a virus scan console appears. With that, an installer file is downloaded. Second, if the downloaded installer launches, you get an installation "pop up", asking you to complete the installation, which requires entering your admin password.

 

[notjustjay]

Sadly, this is probably going to make Apple all the more determined to encourage users to install everything through the App Store instead of downloading installers willy-nilly from anywhere on the internet.

In the end, this particular malware plays on social engineering. Anyone can create a web popup that looks like an official dialog box and says "Hey you! Your Mac has a virus! Download and install me and I'll fix it for you! Just click here!" And your mother (and mine) might well just say "Oh my! I guess I'd better download this!" and, as Steve would say, "Boom!"

 

[shartypants]

Oh no, has it started? Having to use antivirus software blows.

 

[waldobushman]

Yahoo -- not a surprise

This tried to install on my MacBook Pro last night and I immediately cancelled and deleted the file ASAP!
And for the record I got this after clicking on a link from Yahoo! News.

I've been telling my wife to stop using Yahoo for years. She constantly gets popups of all kinds navigating around Yahoo and many are clearly malware.

Yahoo is a cesspool of malware links, from my view. Never go there, never will.

 

[GGJstudios]

Oh no, has it started? Having to use antivirus software blows.

You still don't need antivirus software to protect your Mac; only common sense and a bit of awareness.

I've been telling my wife to stop using Yahoo for years.

MacDefender isn't a Yahoo issue. It's not related to any particular site.

 

[samcraig]

The comments from some of the rabid Apple fans are funny.

You just never know if they're going to take the angle that Apple's hardware is for educated, elite and for those that can afford it. Or if they are going to play they Apple is for everyone - especially those that just want something to work without thinking about anything.

A bit of a catch-22 and hypocritical for such "fans" to comment either way on - especially since they keep swapping their "view" to whatever suits their argument.

It's also sad.

 

[nagromme]

The design of OS X (under the hood and user-facing) helps keep Macs secure.

The smaller number of Macs helps keep Macs secure too.

Neither factor is perfect protection, and nobody (but strawmen) thinks they are.

Both factors are great things, resulting in one more reason to choose a Mac!

And neither factor is changing any time soon. Someday, in theory, the Mac might lose one of those advantages out of many... but today, Macs remain more free of malware, and I don’t see the problem reaching Windows proportions for years. If ever.

Meanwhile, Apple keeps improving the OS. Let’s hope this instance leads to more of that! Blaming the victim is absurd. I blame the malware writers

 

[ggg05a]

I'm a Mac fan as much as the next guy on here but with comments like those above I can see why it's easy for some people to dislike Apple fans.

All this elitist, 'educated minority' talk is shameful. To essentially say that owning a Mac should be reserved for techies and the highly computer literate is beyond ridiculous. Macs appeal to all kinds of people - and so they should. I've sold many Macs to pensioners who turned away from PC's because they were too complicated - they loved learning to use a Mac though. These are some of the kind of people who install this software, because they don't always know better about malware.

Apple is popular, and it's only becoming more so, the elitist lot need to accept that or move on to something else - I'd suggest Linux.

You are daft.

The same people who click on this stuff are the same ones who send the credit card numbers to Dr. Numanpeachu in Nigeria to claim their lost family fortune.

Sorry, no sympathy. Just a tiny pit of common sense would say something is horribly wrong.

 

[scoobydoo99]

Macs have appealed to less than tech savvy users for quite some time. "It just works" isn't a tagline for those with exceptional tech skills.

No, people with exceptional skills would prefer a product with the tagline "It doesn't work for s***."

Perhaps I could interest you in a Microsoft product?

 

[jc1350]

I wonder what types of sites these people are visiting to get these popups. I have not seen one of these popups yet.

Years ago an NFL team's official site was hacked and was spewing a Windows virus easily spread via IE. I forget which one.

Call me cold, but I have absolutely 0 "zero" sympathy for people who download anything they hadn't requested, had just popped up unannounced.

What happened to the average Mac user being educated?

I no longer blame end users 100%. Look at all the new things that make life easier by being more automated. What large and medium size company these days doesn't automatically push software to end users (think Microsoft Systems Management Server as an example). What people don't know is what happens behind the sense and so they think this malware crap is no different than their employer pushing a software package.

Yes, that's it. Because educating people is never the answer.

Devils advocate - my in-laws are always spreading garbage email. Examples: "actual photos of space shuttle Columbia exploding in space, caught by Israeli spy satellite." The photos are screenshots from the movie Armageddon. I have gotten a slew of political based ones that are all filled with lies or "inaccurate info." I tell them to at least check snopes.com. But, they never do. Education only works if people want to put forth a little effort. Some don't.

But it's not a virus. It's a trojan. An "antivirus solution" will do them no good.

It may not be a virus, but there's nothing stopping antivirus software from scanning it while it's being written or on access and alerting the person because it matches a known signature. True viruses are a dying breed, but that doesn't negate the usefulness of antivirus software. Maybe they should be renamed to 'anti-malware' packages instead.

 

[ericinboston]

I supposed it is to be expected that with the number of Mac users greatly increasing the virus and alike would begin to target the OS more often...

Exactly...and it's only going to grow/continue with more viruses/malware on Mac OS...no matter what Mac fans believe.

Also, for those on this forum that are calling the users idiots, they're not...this malware is what's called social engineering...the app does not pop up and say "I'm a nasty malware app! Do you want to install me?"...it pops up with a nice logo, looking professional, and has a seemingly nice name called Mac Defender. It would be similar to a supermarket employee asking you if you'd like to try a piece of chicken...why not...they look like an employee and they're obviously sitting there in plain view so the store knows he/she is there...what are the odds that you are going to be give anthrax-laced chicken?

Similar malware has popped up in the Wintel world and I've seen it...and man does it look legit. But, I knew it was fake and I also did not need it because I already had an a/v package. So I didn't allow it.

Now....Apple should really help folks out...after all those Mac vs PC ads where Apple claimed no viruses/malware, here we are. As well as all the promotions of "it just works" and similar stuff. Come on, Apple...help in some fashion...don't just turn people away. Of course this could be some super evil plot by Apple to finally have a reason for all Mac apps to be "approved" by Apple before they can be installed on your Mac.

 

[phillymjs]

Ha, educating the users.

Yes, that's it. Because educating people is never the answer.

Call me jaded, but if nineteen years in IT has taught me anything, it's that educating people is almost never the answer-- not because it's not a great idea, but because people just don't want to learn and you only end up getting frustrated trying to teach them. They also can't be bothered to read-- whether it's the FAQ, the wiki, or the exquisitely-detailed, screenshot-laden, idiot proof documentation you wrote up in a futile attempt to "teach a man to fish," after having to show them how to do something for the tenth time.

The same people suckered into installing this crap will be just as quick to fall for the next one... "Oooh, you mean I can see pictures of (cute kitties/Pippa Middleton naked/Bin Laden dead) if I just download and run this executable? Then download and run I shall!"

I do mostly back-end stuff now, because I got burned out dealing with people who refuse to engage their brains before clicking on something. And those people are legion.

 

[miles01110]

You still don't need antivirus software to protect any computer; only common sense and a bit of awareness.

Fixed that for you.

 

[mytdave]

true problem...

It's a true problem, cause you can never underestimate user stupidity.

MacOS X is going to become more of a target, not just because the installed base is growing, but because with that growth comes a large population completely clueless people. These less bright people will install malware on their Macs which will open the doors to viruses and botnets.

 

[GGJstudios]

Fixed that for you.

It didn't need fixing. There are still true Windows viruses in the wild that could infect a Windows system without the user's knowledge or permission. That's why antivirus is still useful for a Windows system.

 

[miles01110]

It didn't need fixing. There are still true Windows viruses in the wild that could infect a Windows system without the user's knowledge or permission. That's why antivirus is still useful for a Windows system.

Sorry, but you know just as well as I do that viruses do not appear out of thin air. It has to get on your system some how; and that is *always* due to something the user has control of.

 

[Blue Fox]

I purposely downloaded this to see what the big fuss was over. Firstly, it took me forever just to find a site that actually would download it without me clicking on something.

It does download by itself, and then it launches the installer. YOU HAVE TO INSTALL IT YOURSELF. Meaning I had to go through the whole installation process, type in my User Name AND Password, then launch it and click the "This program was downloaded from the internet, are you sure you want to open it" button, click Open, and THEN bam, I have a malware.

But it's easier than pie to get rid of, you can just simply delete it.

People would have to be pretty spaced-out to willingly go through all of this for something they didn't download themselves. I is still COMPLETELY 100% the users fault that they get it. But it DOES NOT install itself, it just downloads by itself and launches the installer.......which is why Mac OSX has been praised as "virus free" for years as the OS does not allow the crap to auto install, the user is the one who has to install it, and in this case, people are.

But as it has been said, malware has been around for a while now for Macs, just not on a large scale. But I will say (being I used to be a PC tech), that Windows auto downloads, executes and installs without anything needed from the user, and then you have a completely highjacked machine that requires you to dig through the registries, replace core system files, etc. With this you just delete and it's gone, and it doesn't affect any major files (at least none that I could find so far, and I was comparing all system folders to my Time Machine backup a few hours earlier, and haven't seen anything so far and I've gone through everything).

 

[darrenmoffatt]

The number of times I've heard "stupid" in this thread is discouraging. Especially when Mac OS X was specifically designed and advertised to appeal to users that just don't want to have to think too much about the computer they are using ("it just works!"). I'm not sure where this sense of elitism or intelligence just because you use a Mac comes from. They weren't designed to test your intellectual prowess, they were designed to be an easy to use product for the general user.

Everyone has fallen to some method of social engineering whether we like to admit it or not (I've clicked things out of curiosity, sometimes I like to live dangerously). I've seen people who have devoted their lives to brain surgery back home fall victim to malware, does that in turn make them stupid?

Malware can be very convincing for a lot of people and your ability to tell the difference doesn't separate you from the average person, it just means you can tell the difference between what is malware and what is not.

 

[GGJstudios]

Sorry, but you know just as well as I do that viruses do not appear out of thin air. It has to get on your system some how; and that is *always* due to something the user has control of.

They can appear by connecting an external drive or flash drive or opening an email attachment or visiting a website or any number of activities. The virus can spread without the user knowing that it has spread. A trojan needs user permission to be installed; a virus doesn't.