New 'MACDefender' Malware Threat for Mac OS X

[GGJstudios]

I've read reports that, if you have the open safe files thing on and you're running in an admin account, some variants will install themselves without any user intervention. Scary stuff if it's true.

Not true. User intervention is always required for installation. The most the installer can do is launch, but the user must actively proceed with the installation, including entering the admin password. It doesn't matter if you're running as a standard or administrative user.

*edit* I just watched the video above and I guess this is the MacDefender.. wow, interesting I got hit with this 3 days ago.. gonna double check make sure nothing went through.

Yes, it's the MacDefender. If you didn't proceed with the installation, entering your admin password, then nothing was installed. Simply delete the install package. Read this for more details: Mac Virus/Malware Info

I was surprised to FINALLY see malware show up for OSX

Malware has always been around for Mac OS X, but only in the form of trojans like this one, which the user can easily avoid, and which cannot infect a Mac unless the user actively installs it.

 

[Eddyisgreat]

I've read reports that, if you have the open safe files thing on and you're running in an admin account, some variants will install themselves without any user intervention. Scary stuff if it's true.

It isn't true.

 

[gnasher729]

Safari is a very unsecure browser. Apple got lazy on it. That's why I've not used it in years.

Not at all. Safari will per default open installer packages with the Apple Installer. This is a perfectly safe operation - opening an installer package will _not_ cause any damage to your computer. It allows you to install software if you wish to do so, and it requires you to enter your admin password in order to do so. No admin password, nothing happens.

I've read reports that, if you have the open safe files thing on and you're running in an admin account, some variants will install themselves without any user intervention. Scary stuff if it's true.

And I've seen a screenshot that someone posted showing that there were 70 viruses on his Mac. Oh, that was "MacDefender"s fake virus scan. No, what happens is that lots of things are reported by either clueless or malicious ****s who leave out the criticial detail that there is _no_ way to install software from the internet on a Macintosh without typing your admin password. Scary stuff if it was true, and Windows users can tell you all about it, but not on the Mac.

 

[MagnusVonMagnum]

All of the numbers you quote are based on your own assumptions, none of which are proven to have any basis in fact. You're making it up as you go along.

At least they're intelligent educated guesses based on reality (most people have owned more than one Mac; I own 3 with OSX right now and I'm far from a fanatic) compared to most of the arguments I see on here which are based on errors, lies and obvious emotionalism.

The figure was based off documented numbers (50 million from last year unlike your '100 million' number you apparently pulled out of thin air) plus another 20 million for the following year (being optimistic) and using documented numbers from companies that decided to quit supporting PPC because of a lack of hits from them and estimating about 2 Macs per person on average over the past decade (quite possibly much higher than that). 30 million Mac users is a tiny fraction of the worldwide computer user population. We have dozens of computers at work just in our department and a couple run Unix and the rest run Windows. There isn't a Mac in the whole building. 3-4 out of a hundred computers actually in use (not just sold which is what the news figures have to use) sounds generous to me.

Regardless, even if it were 70 million actual users (compared 1+ billion Windows users), there's still a reason that there aren't more trojans for the Mac than there are and it has nothing to do with Unix or Mac security since it's not based on security but ignorance and/or gullibility. So this idea that obscurity isn't a factor what-so-ever is absurd, IMO. I can probably agree about viruses, but not other forms of malware like trojans. Given the hits at Apple lately, I'd say this trojan was more than a little successful at finding victims, despite some claims that Mac users are somehow smarter than the rest of the planet. But the fact is they would still get 20-30x more hits releasing it for Windows instead. Would you rather make $1000 or $30,000? THAT is the most likely reason why we don't have many trojans, etc. You go where the money is no matter what the profession or scam.

Nope. Being right means I'm right.

Here's a prime example. No logic. No argument. Just I'm right.

And you know what, I'm done with you. It's taking too much effort to resist blasting you for your arrogance and risking getting myself in trouble with the rules for language, so instead I'm just going to add you to my growing list of

Arrogance? I'm not the one without an argument just proclaiming I'm right.

I'm here to have rational discussions about topics, not deal with emotionalism and fanaticism. Maybe the forums could have a special forum just for fanaticism that the rest of us could lock out and then all the Apple worshipers can pat each other on the back there and pretend the rest of the world doesn't exist. That would be better than having to block every single user (from either side), wouldn't it?

 

[GGJstudios]

most people have owned more than one Mac

Baseless assumption.

plus another 20 million for the following year

Baseless assumption.

estimating about 2 Macs per person on average over the past decade

Baseless assumption.

We have dozens of computers at work just in our department and a couple run Unix and the rest run Windows. There isn't a Mac in the whole building.

That's only one company, and not necessarily representative of the world.

3-4 out of a hundred computers actually in use (not just sold which is what the news figures have to use) sounds generous to me.

Baseless assumption.

70 million actual users

Baseless assumption.

compared 1+ billion Windows users

Baseless assumption.

 

[MagnusVonMagnum]

Baseless assumption.

Baseless assumption.

Baseless assumption.

Baseless assumption.

Baseless assumption.

Baseless assumption.

GGJstudos's latest reply is a prime example of the over-emotionalism and illogic I keep talking about present on these forums that just wastes people's time. He also demonstrates he cannot tell the difference between estimation based on real world data and a "baseless" assumption. Perhaps he should buy a dictionary? The basis has been reported many pages ago and summarized in the past post.

They say you can lead a horse to water, but you cannot make it drink. I think this is a true statement.

 

[GGJstudios]

GGJstudos's latest reply is a prime example of the over-emotionalism and illogic I keep talking about present on these forums that just wastes people's time. He also demonstrates he cannot tell the difference between estimation based on real world data and a "baseless" assumption. Perhaps he should buy a dictionary? The basis has been reported many pages ago and summarized in the past post.

They say you can lead a horse to water, but you cannot make it drink. I think this is a true statement.

There's nothing emotional about my post. As I said before, you're making numbers up. You have no factual evidence that your assumptions are in any way related to real-world experience. You have no idea how many Macs the "average" buyer owns. You have no factual evidence that there are a billion+ Windows users or computers in use. You made up a 20 million number of Macs sold, rather than using Apple's published sales figures. Your estimates are based on your own uninformed opinion, not on "real world data".

 

[MagnusVonMagnum]

There's nothing emotional about my post.

So you just un-emotionally post the same crap over and over? Yeah right.

As I said before, you're making numbers up. You have no factual evidence that your assumptions are in any way related to real-world experience. You have no idea how many Macs the "average" buyer owns. You have no factual evidence that there are a billion+ Windows users or computers in use. You made up a 20 million number of Macs sold, rather than using Apple's published sales figures. Your estimates are based on your own uninformed opinion, not on "real world data".

I don't make squat up, unlike you.

1+ Billion PCs in 2008 (projected to be 2 Billion by 2014)
http://www.gartner.com/it/page.jsp?id=703807

Total Intel Sales (about 53 Million up to 1Q 2011 from 2005):

http://www.macworld.com/article/59141/2007/07/appleearnings.html
+
http://www.infosyncworld.com/reviews/cell-phones/apple-sales-and-revenue-charts-2007-2011/11957.html

Data supporting percentage of PPC versus Intel:

http://www.adium.im/sparkle/?year=2009&week=

That's about 3.5% or about 1.85 million active PPC users. It's a rough estimate based on one application, but comparable to the 95%+ estimates for Intel versus PPC I've seen on other application sites. Let's call it 2 million users (compare that to the 25 million figure you were floating back in your earlier post that didn't account for any lost computers to attrition).

That puts the total number of Macs in use (not iOS and assuming ALL of those Intel computers are still being used, which obviously isn't realistic either, but will err on the high side for your benefit) at about 55 million Macs world-wide and does NOT account for any users that own more than 1 Mac. (that's already less than 5% of total PCs worldwide, given it should be about 1.3-1.5 BILLION now according to the earlier article).

According to this poll, over 80% of Mac users own at least 2 Macs (many own over 3!):

http://hints.macworld.com/polls/index.php?pid=howmanymacs

So using just a figure of 2 (extreme low-ball), that puts the total of Mac users at 27.5 Million actual USERS, which is EXACTLY where my figure was estimated to be (it's actually lower given losses in Intel machines and that most Mac users own closer to 3 Macs).

There's your "baseless" assumption.

 

[GGJstudios]

1+ Billion PCs in 2008 (projected to be 2 Billion by 2014)
http://www.gartner.com/it/page.jsp?id=703807

That's PCs... as in personal computers... which is not OS-specific and includes Mac, Windows, Linux, Unix, etc. That's not a billion+ Windows systems.

Total Intel Sales (about 53 Million up to 1Q 2011 from 2005):
http://www.macworld.com/article/59141/2007/07/appleearnings.html
+
http://www.infosyncworld.com/reviews/cell-phones/apple-sales-and-revenue-charts-2007-2011/11957.html

Accurate Apple sales data is available directly from Apple:
1st Q 2010: Macs sold: 3.36 million
2nd Q 2010: Macs sold: 2.94 million
3rd Q 2010: Macs sold: 3.47 million
4th Q 2010: Macs sold: 3.89 million
Total Annual Mac sales: 13.66 million, not your made-up number of 20 million for a year.

According to this poll, over 80% of Mac users own at least 2 Macs (many own over 3!):
http://hints.macworld.com/polls/index.php?pid=howmanymacs

A poll on a Mac site with only 3,867 votes is FAR from conclusive. I could poll 3,900 on a Windows site and come up with an average of zero Macs. This is another example of your flawed assumptions, that the "average" Mac owner frequents Macworld.com, which isn't true. Mac enthusiasts are more likely to own more than one Mac than the "average" consumer.

I stand by my statement: you're making it up as you go alone.

 

[munkery]

….

This is out of curiosity and not meant to be a part of your discussion with GGJ.

I am interested in the figures you provided. Thank you very much in your efforts to find that data.

http://marketshare.hitslink.com/operating-system-market-share.aspx?qprid=8

That link shows that OS X has 5.40% of the global market share.

A link you provided, along with a good estimate on your part, suggests that the number of computers online is around 1.4 billion.

So, 5.40% of 1.4 billion is 75.6 million.

I agree many Mac users have more than one machine. But, many Windows PC owners have multiple systems as well.

Also, most computers are used by multiple users so any argument based on multiple machines to one user is possibly negated by machines also being used by multiple users.

I do not think it is possible to get accurate data on the number of users given all the confounding variables that impact the data. So, lets assume that these factors negate each other for the most part.

Then, that number, 75.6 million, does represent the number of Mac users.

 

[MagnusVonMagnum]

That's PCs... as in personal computers... which is not OS-specific and includes Mac, Windows, Linux, Unix, etc. That's not a billion+ Windows systems.

Linux and Mac are negligible overall. Call it one billion instead of 1.5 billion if you like. It doesn't change a darn thing in the context of the original point, which you don't seem to comprehend.

Total Annual Mac sales: 13.66 million, not your made-up number of 20 million for a year.

NOWHERE did I EVER say "20 million in a year".

I don't care where you get your numbers from, they are still the same. I posted graphs of all Intel sales from 2005-1Q 2011 instead of 24 quarterly reports reports from Apple. It's about 52 million Macs total. You posted 1 year. You have no point.

A poll on a Mac site with only 3,867 votes is FAR from conclusive. I could

All polls are based on limited sampling. The idea here it simply to get a rough estimate of actual users versus total computers sold. Apple's statistics only account for actual computers sold. The total number of users HAS to be less if even ONE person owns more than one Mac. How much less could be argued. But it's beside my original point that obscurity is most definitely a factor in why the Mac has less malware overall than Windows machines. Unix security could account for the reason we have no viruses, but it has NOTHING to do with the relative lack of trojans on Macs to Windows machines since a trojan bypasses security by using user ignorance or gullibility to install itself. All these people saying that obscurity has NOTHING to do with it are fooling themselves since there is no other factor I've seen or heard about to account for the difference in trojans. You go where the money is and the Mac market is slim pickings for scam artists, pure and simple.

I stand by my statement: you're making it up as you go alone.

Given I've quoted the proof and cited my sources which undeniably proves I didn't just make anything up. Either way, your posts are utterly worthless, IMO.

This is out of curiosity and not meant to be a part of your discussion with GGJ.

I am interested in the figures you provided. Thank you very much in your efforts to find that data.

http://marketshare.hitslink.com/operating-system-market-share.aspx?qprid=8

That link shows that OS X has 5.40% of the global market share.

A link you provided, along with a good estimate on your part, suggests that the number of computers online is around 1.4 billion.

So, 5.40% of 1.4 billion is 75.6 million.

I agree many Mac users have more than one machine. But, many Windows PC owners have multiple systems as well.

Also, most computers are used by multiple users so any argument based on multiple machines to one user is possibly negated by machines also being used by multiple users.

I do not think it is possible to get accurate data on the number of users given all the confounding variables that impact the data. So, lets assume that these factors negate each other for the most part.

Then, that number, 75.6 million, does represent the number of Mac users.

There's the question of where they are getting their statistics from. Are they polling computers that access a given site or sites on the Internet, for example? That won't account for Windows machines that are not using the Internet for general surfing, for example. At my workplace we have dozens of WindowsXP machines that are controlling industrial equipment and a few Unix ones as well (no Macs). They are not connected to the Internet. As a part of the larger company I work for as a whole, there are hundreds of thousands of PCs in that same type of setup for my company alone.

Thus, it's entirely possible that the Mac could have 5.4% of the consumer/general use market, but make up a smaller portion of the overall market. There are few using Linux for consumer use, but there are a LOT of Linux machines used in servers. Without knowing the source of the statistics, it's hard to ascertain the relevance of the overall figure. Either way, Apple only sold about 52 million Intel machines and I can guarantee your that there are not over 20 million PPC machines still in use or I'd be able to get a lot more software than I can for PPC at this point (most developer sites are reporting 90-95% Intel use versus PPC, which is why they are dumping PPC. Well that and that Xcode4 doesn't support it and many don't have test machines to even test a universal build).

But even if there were 75 million Mac users, it's still a small fish for people that develop trojans to steal identity information, which is why I still believe that 'obscurity' DOES help the Mac market avoid such things. I've never argued that's why we don't have any viruses, but viruses aren't the only forms of malware out there. My original post that seems to have generated all these responses from two people on here simply suggested that obscurity is ONE factor overall (whereas some people seem to deny that it has ANYTHING to do with it at all, even with trojans which are just bogus normal programs designed to trick you into giving the information away, a glorified program version of phishing and it has NOTHING to do with Mac security and therefore that cannot be the reason to account for it. And I've not seen any other reasons suggested for why that might be for trojans, just people attacking my opinion that it is).

 

[GGJstudios]

NOWHERE did I EVER say "20 million in a year".

... plus another 20 million for the following year

All polls are based on limited sampling. The idea here it simply to get a rough estimate of actual users versus total computers sold.

No reputable polls take a limited sampling from a biased source. That's like taking a poll inside the Democratic National Convention to determine what percentage of the nation will vote for the Democratic ticket. Your deductions are flawed because your assumptions are flawed because your sources are flawed. You can avoid all this nonsense if you just stick to stating your opinion as exactly what it is: your opinion, rather than trying to pass it off as some sort of fact.

 

[Member(TM)]

Not true. User intervention is always required for installation. The most the installer can do is launch, but the user must actively proceed with the installation, including entering the admin password. It doesn't matter if you're running as a standard or administrative user.

That's not totally correct. While it's true that user intervention is required, an installation package may be built that doesn't prompt you for your admin password and is still able to install files in your Applications folders if you are running as an administrative user.

However, to my knowledge, no code from the developer of the package will run until the user accepts to proceed with the installation, so I don't consider this a vulnerability. But some people think that they are safe as long as they don't enter their admin password, and such confidence is not completely justified.

there is _no_ way to install software from the internet on a Macintosh without typing your admin password.

This proof of concept I've built seems to prove otherwise:

(Link no longer available. Removed)

If you are running as a standard user it will fail. But if you are running as an administrative user it will install an application named "test" in your Applications folder, no password required.

You could also build an installation package that can be run by a standard user, but it would only affect that user's home directory.

 

[munkery]

....

Net Marketshare aggregates data from a very large sample of well known websites. AFAIK, it sets the standard for this type of service.

Machines not connected to the internet are most likely missed by this type of market share statistic. But, your estimate of "hundreds of thousands" in your company alone seems like a hyperbole. But, I can see your point. With the intel switch, many Mac users most likely upgraded. These two factors (LAN only machines and low PPC usage) most likely put the number at around 55 million.

So, 55 million probably does represent the number of users given all the other confounding variables presented in my previous post.

In relation to LAN only machines, all machines on the network are exposed to malware as long as one machine on the network is exposed to the internet. I doubt not a single machine is connected to the internet in your company. Sophisticated malware in the wild shows that this is true.

I do agree that market share affects the prevalence of unsophisticated malware, such as MACDefender and its variants, that require a lot of user interaction to install. This type of malware will always be an issue on any OS given that it does not rely on any vulnerabilities to function. But, they also can be easily avoided with a little bit of safe computing knowledge. There is only so much the software vendor can do to keep users safe given that AV software and other security systems that rely on database systems of known threats are not 100% effective.

The ease of exploitation is the primary factor in the prevalence of malware infections that require little (just visiting a website leading to exploitation to system level) or no (server-side remote system level exploitation) user intervention. Much of the malware issues of Windows is due to XP admin accounts not implementing DAC; not implementing DAC allows system level access without privilege escalation included in the exploit. A client-side exploit hosted on a web site is able to install a rootkit without privilege escalation in XP admin accounts. The same issue with AV software applies here but in this situation the user has no defence.

The low rate of privilege escalation vulnerabilities and using DAC by default has insulated OS X from this type of more sophisticated exploitation. Macs are further buffered from these threats because Windows XP is such an easy target.

If you look at the trend of privilege escalation vulnerabilities in OS X per year or OS version, the volume of privilege escalation vulnerabilities has been dwindling over time. Lion is about to be released and Snow Leopard only had 2 privilege escalation vulnerabilities. Not all vulnerabilities are exploitable. And, one vulnerability was in a no longer used system call that was fixed by removing it from the OS.

It is not that no one is looking for these vulnerabilities. This type of vulnerability is used in iDevice jailbreaks. Most of those vulnerabilities used in jailbreaks are not found in OS X. Why, different architecture with different security mitigation implementations (NX, ASLR, ProPolice)? New drivers for new hardware implementations? I don't exactly know why.

The inverse is true for Windows. With each new OS release, the number of privilege escalation vulnerabilities increases. A majority of these privilege escalation vulnerabilities are related to other vulnerabilities that have been used in exploits in the wild and proofs-of-concepts. Again, not all vulnerabilities are exploitable but the higher volume of these vulnerabilities increases the likelihood that some will be exploitable. Is the increased rate in these vulnerabilities due to UAC being a newly implemented privilege separation mechanism so the bugs are still being worked out (when compared to similar systems in OS X and Linux)? Is it due to the Windows registry leaving kernel-mode drivers more exposed to attack (this makes sense)? Again, I don't exactly know why.

 

[munkery]

That's not totally correct. While it's true that user intervention is required, an installation package may be built that doesn't prompt you for your admin password and is still able to install files in your Applications folders if you are running as an administrative user.

However, to my knowledge, no code from the developer of the package will run until the user accepts to proceed with the installation, so I don't consider this a vulnerability. But some people think that they are safe as long as they don't enter their admin password, and such confidence is not completely justified.

This proof of concept I've built seems to prove otherwise:

http://www.dadatic.com/Testing.pkg

If you are running as a standard user it will fail. But if you are running as an administrative user it will install an application named "test" in your Applications folder, no password required.

I understand (and praise) those who are cautious enough not to try an application from a stranger. But if you have a spare Mac for testing you can see that it works.

You could also build an installation package that can be run by a standard user, but it would only affect that user's home directory.

Applications that can install without password authentication, such as drag-and-drop apps and that PoC, are not able to modify the system-level of Mac OS X.

Rootkits, such as keyloggers that are able to bypass user space security mechanisms to log protected passwords and other sensitive web form data, have to be installed at the system-level to function.

User interaction via password authentication or privilege escalation exploitation are the two methods used to access the system-level to install malware that bypasses the user space security mechanisms.

There is no example of privilege escalation exploitation being used in malware targeting Mac OS X.

See my previous post above for further details.

 

[Member(TM)]

Applications that can install without password authentication, such as drag-and-drop apps and that PoC, are not able to modify the system-level of Mac OS X.

That's true. However, they can do harm. They can for example modify other applications in the Applications folder. They can also install themselves as login items so that they silently run whenever you log in. They can send spam. They can delete, modify or spy your personal files.

Not as bad as compromising your whole system, but bad enough.

Not all malware needs full privileges.

 

[MagnusVonMagnum]

I admit I forgot about that estimate so I apologize for that, but it was purely an estimate on the high side for sake of argument. In other words, it benefited your argument, not mine. And before you roll your eyes too much, don't think I haven't forgotten about your 100 Million figure. What was that based on?

No reputable polls take a limited sampling from a biased source. That's like

Show me any other polls available for Macs per household and I'll accept your argument. I'm using the best available data to determine an estimate of actual users. The point was never to determine the exact number, but to simply refute the idea that there are actually 50-75 Million Mac users out there (and 75 million was your estimate of the revised 50 million + 25 million PPC users, which there is simply no way that there's that many left or their software wouldn't be drying up). Unless there are one heck of a lot more Hackintosh users than anyone suspect, it's not even possible to have numbers in that range.

50-55 million is a fair estimate of actual Macs out there and I don't think 30 million users is that hard to believe given educational and even some business deployments and many users either replacing a machine every other year or owning more than one at a time (desktop + notebook for example). I sure as HELL did not just make that number up as you suggest, however.

Regardless, even if it were 100 million, I see no other plausible explanation for the lack of trojan type malware on the Mac other than there's more money to be made off fish in the Windows pond. If you have another explanation, let's hear it.

 

[munkery]

That's true. However, they can do harm. They can for example modify other applications in the Applications folder.

They can not modify applications owned by system in SL, such as the default apps (Safari, Mail, iTunes, etc) and apps installed via the Mac App Store.

They can also install themselves as login items so that they silently run whenever you log in.

For what purpose if they can't collect valuable data such as passwords and sensitive web form data?

They can send spam.

They can not send spam from Mail.app if you have your email accounts securely configured. Don't keep your keychain entries for your email accounts in your login keychain and keep the email account's keychain locked except when accessing your accounts.

They can delete, modify or spy your personal files.

Backups via Time Machine and encryption using sparse bundle disk images will mitigate the impact of prank style attacks or data access. See the link in my sig for more details.

Unless the data on your system is valuable intellectual property, no one wants your data. That is why this type of data access is rare even in Windows. Those that are exploited in this manner typically work in government settings. Even in these attacks, privilege escalation is required to log FTP passwords so that the attacker has an easy method to access and transfer data on the target system.

Credit card data is only valuable in bulk. On average, credit card data is only worth 50 cents per set of info to malware developers and black hat hackers. Their revenue comes from selling the credit card data on credit card dump websites.

No one is going to spend any effort to get credit card data from a single non-server target via malware or hacking unless the target makes it unreasonably easy for that data to be accessed.

Botnets, that install malware at the system level to collect sensitive data, are used to collect credit card data in bulk by infecting a large number of system using automated malware attacks. Botnets plague Windows XP because system level access is easy compared to other OSs.

Web app exploitation (SQL injection, PHP, CMS, & etc.), such as used in HB Gary and PSN network, is used to extract that data from servers in bulk. Web app exploitation is easier than client-side app exploitation. Web app exploitation also yields more valuable data.

There is no motive in going after relatively difficult targets that yield very little valuable data when successfully exploited. Macs are difficult targets because privilege escalation is difficult so getting valuable data is less likely and the volume of data on any system is tiny compared to a server.

 

[GGJstudios]

That's not totally correct. While it's true that user intervention is required, an installation package may be built that doesn't prompt you for your admin password and is still able to install files in your Applications folders if you are running as an administrative user.

My statement is completely correct. If you read the context, I was referring to the MacDefender and variants. None of the MacDefender variants will install without user intervention. I was not referring to some proof-of-concept that doesn't exist in the wild.

 

[munkery]

....

It is also easy to assume that people sell the older machine when they upgrade in short intervals and that users with more than one machine most likely have a desktop that has several users and a laptop for personal use. I don't see any reason to scale back the number of users from 55 million given those factors most likely negate each other.

You also have to remember the fact that many trojans can install in the system level of Windows XP admin accounts without authentication. The ease of the target is a factor.

For example, Microsoft IIS, which has roughly 30% market share, is exploited much more than Apache, which sits at roughly 60%, due to Microsoft IIS being the much easier target.

 

[MacmancUK]

Avalanchers.com RSS downloads Malware

Avalanchers.com RSS feed, some webpages download the mac malware programme, my iMac uses camino and every time a download starts, it tells me, so I stop it.

 

[GGJstudios]

Avalanchers.com RSS feed, some webpages download the mac malware programme, my iMac uses camino and every time a download starts, it tells me, so I stop it.

Read this: Mac Virus/Malware Info
The first section of that link deals specifically with the MacDefender/MacSecurity/MacProtector issue. I encourage you to read it.

 

[MacmancUK]

Read this: Mac Virus/Malware Info
The first section of that link deals specifically with the MacDefender/MacSecurity/MacProtector issue. I encourage you to read it.

I was aware of that fact, but thank you for pointing it out.
Avalanchers.com RSS is the point !

 

[GGJstudios]

I was aware of that fact, but thank you for pointing it out.
Avalanchers.com RSS is the point !

MacDefender can be encountered anywhere on the web, including Google search results, Yahoo, Facebook and many other sites.

 

[Member(TM)]

My statement is completely correct. If you read the context, I was referring to the MacDefender and variants. None of the MacDefender variants will install without user intervention. I was not referring to some proof-of-concept that doesn't exist in the wild.

I didn't see clearly from the context if your "always" referred only to MacDefender or to any package installation, but thank you for the clarification. I don't know if you are completely correct, but I don't have proof otherwise.