After seeing at least two posters refer to this as a "virus", I'm sitting here doing a face palm. One more "it's a virus" comment and I'm moving up to the double face palm...
 
Bigger, most Windows PCs have anti-virus, can you say the same for Macs?

It's Malware, not a virus. Big difference. Also, it's only related to Safari, WITH Open Safe files after downloading enabled. Otherwise, it requests that you open it, and enter a username/pass for the Admin account...

It's only "Bigger" if you're gullible enough to download it, and install it without checking first...
 
Mac OS X fanboys really need to stop clinging to the mentality that "viruses" don't exist for OS X

Why, do you have proof of a virus for OS X ? Because if you do, let's see it.

The fact is, the days of viruses are long gone. It's not the easiest nor most effective sort of malware you can make. Like you state yourself, even Windows these days is mostly virus free. Currently, spyware is all the rage, trojans have always been a good vector and the occasional worm when a remote execution/privilege escalation bug pops up can create some havoc.

But good old viruses ? Almost no one plays with those black arts anymore...
 
Haven't seen this malware first hand, but a zip file can be made with absolute paths, making "unzipping" the file put everything where it needs to be to start up automatically on next log in/reboot.

Who's the brainiac who made zip files "safe" ?

Archive Utility will not extract these types of ZIP files to their system paths. I believe it will force the use of relative paths. I really doubt any reports that this malware can be installed without user interaction.
 
Please, enlighten us how "Unix Security" is protecting you here, more than it would on Windows ? I'd be delighted to hear your explanation.

A lot of people trumpet "Unix Security" without even understanding what it means.

The Unix Permission system, how a virus on Windows can just access your system and non-owned files, where Unix/Linux doesn't like that.

But of course it doesn't protect against bad passwords or stupidity.
 
Why, do you have proof of a virus for OS X ? Because if you do, let's see it.

This is exactly the kind of ignorance I'm referring to. The vast majority of users don't differentiate between "virus", "trojan", "phishing e-mail", or any other terminology when they are actually referring to malware as "anything I don't want on my machine." By continuously bringing up inane points like the above, not only are you not helping the situation, you're perpetuating a useless mentality in order to prove your mastery of vocabulary.

Congratulations.
 
Users are of course reminded that day-to-day system usage with standard accounts rather than administrator ones, as well as unchecking the Safari option for automatically opening "safe" files, are two of the simplest ways users can enhance their online security, adding extra layers of confirmation and passwords in the way of anything being installed on their systems.

Um, NO THANKS. Why in the world would I add "extra layers of confirmation" to my OS X experience?!?! If I wanted nag windows, I'd use Windows!
 
The Unix Permission system, how a virus on Windows can just access your system and non-owned files, where Unix/Linux doesn't like that.

Is your info from like 1993 ? Because this little known version of Windows dubbed "New Technology" or NT for short brought along something called the NTFS (New Technology File System) that has... *drumroll* ACLs and strict permissions with inheritance...

Unless you're running as administrator on a Windows NT based system, you're as protected as a "Unix/Linux" user. Of course, you can also run as root all the time under Unix, negating this "security".

So again I ask, what about Unix security protects you from these attacks that Windows can't do ?

And I say this as a Unix systems administrator/fanboy. The multi-user paradigm that is "Unix security" came to Windows more than 18 years ago. It came to consumer versions of Windows about 9 years ago if you don't count Windows 2000 as a consumer version.

This is exactly the kind of ignorance I'm referring to. The vast majority of users don't differentiate between "virus", "trojan", "phishing e-mail", or any other terminology when they are actually referring to malware as "anything I don't want on my machine." By continuously bringing up inane points like the above, not only are you not helping the situation, you're perpetuating a useless mentality in order to prove your mastery of vocabulary.

Congratulations.

Wait, knowledge is ignorance ? 1984 much ?

The fact is, understanding the proper terminology and different payloads and impacts of the different types of malware prevents unnecessary panic and promotes a proper security strategy.

I'd say it's people that try to just lump all malware together in the same category, making a trojan that relies on social engineering sound as bad as a self-replicating worm that spreads using a remote execution/privilege escalation bug that are quite ignorant of general computer security.
 
This is exactly the kind of ignorance I'm referring to. The vast majority of users don't differentiate between "virus", "trojan", "phishing e-mail", or any other terminology when they are actually referring to malware as "anything I don't want on my machine." By continuously bringing up inane points like the above, not only are you not helping the situation, you're perpetuating a useless mentality in order to prove your mastery of vocabulary.

Congratulations.

Really? If they cannot differentiate b/w viruses, they have no right to comment on them. There's some basic education involved in dealing with such things.

If you cannot differentiate b/w a guest and an intruder, it's not my fault.
 
scoobydoo99 said:
Users are of course reminded that day-to-day system usage with standard accounts rather than administrator ones, as well as unchecking the Safari option for automatically opening "safe" files, are two of the simplest ways users can enhance their online security, adding extra layers of confirmation and passwords in the way of anything being installed on their systems.

Um, NO THANKS. Why in the world would I add "extra layers of confirmation" to my OS X experience?!?! If I wanted nag windows, I'd use Windows!

I despise the "X is a file downloaded from the Internet" dialog introduced in SL. Really wish you could disable it.
 
Archive Utility will not extract these types of ZIP files to their system paths. I believe it will force the use of relative paths. I really doubt any reports that this malware can be installed without user interaction.

You're right, I just tested this. A zip file created with -jj (absolute paths) does not unzip to the absolute paths using Archive Utility. It unzips it to the current path.

So this requires 100% user intervention to install.
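
The check described in the post above (ZIP entries stored with absolute paths ending up under the extraction directory instead), as an added example that is not part of the original thread. It uses Python's `zipfile` module as a stand-in for Archive Utility, and the entry names are constructed for illustration.

```python
import io
import os
import tempfile
import zipfile


def build_sample_zip() -> bytes:
    """Constructed archive: a normal entry, a '..' escape, an absolute path."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in ("installer/readme.txt", "docs/../../escape.txt",
                     "/Library/constructed-sample/run.sh"):
            zf.writestr(zipfile.ZipInfo(name), "constructed content")
    return buf.getvalue()


def classify_entry(name: str) -> str:
    """Label an entry name as stored in the archive, before any extraction."""
    name = name.replace("\\", "/")
    if name.startswith("/") or name[1:2] == ":":
        return "absolute"
    # Conservative: any '..' component is flagged, even if it would stay inside.
    if ".." in name.split("/"):
        return "traversal"
    return "ok"


def audit_zip(data: bytes) -> dict:
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return {n: classify_entry(n) for n in zf.namelist()}


def extract_contained(data: bytes) -> list:
    """Extract to a temp dir (zipfile strips leading '/' and '..' components)
    and return where each file landed, relative to that directory."""
    with tempfile.TemporaryDirectory() as dest:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            total = len(zf.namelist())
            zf.extractall(dest)
        landed = sorted(
            os.path.relpath(os.path.join(d, f), dest).replace(os.sep, "/")
            for d, _, files in os.walk(dest) for f in files)
    if len(landed) != total:
        raise RuntimeError("an entry was written outside the destination")
    return landed


if __name__ == "__main__":
    print(audit_zip(build_sample_zip()))
    print(extract_contained(build_sample_zip()))
```

Auditing the stored names first lets a tool reject or log a suspicious archive even when the extractor itself would have neutralised the paths.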
 
MisterMe said:
WOW! Malware that requires the user to do a Google search, then download, and install. For all of this, it asks for your credit card number.

How can we ever defend our computers against such a diabolical threat?!

Most Malware requires direct user intervention, people are idiots.
 
This is exactly the kind of ignorance I'm referring to. The vast majority of users don't differentiate between "virus", "trojan", "phishing e-mail", or any other terminology when they are actually referring to malware as "anything I don't want on my machine." By continuously bringing up inane points like the above, not only are you not helping the situation, you're perpetuating a useless mentality in order to prove your mastery of vocabulary.

Congratulations.

Stupid people will be vulnerable to malicious intent no matter what the form or operating system. I find *nix has no viruses tune wholly justified until reality differs.
 
The fact is, understanding the proper terminology and different payloads and impacts of the different types of malware prevents unnecessary panic and promotes a proper security strategy.
To the end user it makes no difference. It's fine if you know, but to a novice quickly correcting them on the difference between a virus, a trojan, or whatever else contributes approximately zero percent towards solving the problem.
I'd say it's people that try to just lump all malware together in the same category, making a trojan that relies on social engineering sound as bad as a self-replicating worm that spreads using a remote execution/privilege escalation bug that are quite ignorant of general computer security.
I'd say a social engineering attack is worse than a virus, because social engineering attacks succeed far more often than viruses do. Glass is half full.
Really? If they cannot differentiate b/w viruses, they have no right to comment on them. There's some basic education involved in dealing with such things.

If you cannot differentiate b/w a guest and an intruder, it's not my fault.
I have no idea how this is relevant to anything I've brought up. "I agree."
 
To the end user it makes no difference. It's fine if you know, but to a novice quickly correcting them on the difference between a virus, a trojan, or whatever else contributes approximately zero percent towards solving the problem.

I'd say a social engineering attack is worse than a virus, because social engineering attacks succeed far more often than viruses do. Glass is half full.

I have no idea how this is relevant to anything I've brought up. "I agree."

From one of your posts:

The vast majority of users don't differentiate between "virus", "trojan", "phishing e-mail", or any other terminology when they are actually referring to malware as "anything I don't want on my machine."

What I am trying to say is that there needs to be awareness and if a person cannot differentiate, then it's his/her problem.
 
It is safer to run under an administrator account all the time in OS X than in Windows. On Windows, the administrator is almost the equivalent to the root account on *nixes and as such has unrestricted access to any and all files on the system.

On OS X and other *nix systems, however, the administrator account still can't do all that much without entering the root password. Admin accounts can't touch anything in the System folder. About the worst malware can do, even under an admin account in OS X, is one of the following:

1) Install itself in your user account Library folder
2) Install itself in the system's secondary Library folder (/Library/)

In both cases, the offending executables/libraries/whatever are easily removed - In the case of #1, create a new account and copy your old stuff over. In the case of #2, check the startup folder within, perhaps frameworks in some cases (though I have never seen malware that makes use of the OS X framework system) and delete the malware files. The files and folders contained in the Library folder are all nicely, neatly labeled and any malware should stick out like a sore thumb - it can't hide as something like EXPLORE32.EXE.
 
I Gots the Herpes!

Is it still the cold & flu season?

Waiting for the 1st complaint here how they got a virus on their Mac by doing absolutely nothing after clicking & downloading and unzipping and installing & entering admin password only to be stumped as to which credit card they should use when a panel pops up to buy MacDefender.

Where are these people's parents when they're doing this?
 
Still insignificant compared to Windows rogues.

Windows rogues do more to the system.

Hopefully, Chrome, Firefox and Opera users will be safe.
 
It is safer to run under an administrator account all the time in OS X than in Windows. On Windows, the administrator is almost the equivalent to the root account on *nixes and as such has unrestricted access to any and all files on the system.

On OS X and other *nix systems, however, the administrator account still can't do all that much without entering the root password. Admin accounts can't touch anything in the System folder. About the worst malware can do, even under an admin account in OS X, is one of the following:

1) Install itself in your user account Library folder
2) Install itself in the system's secondary Library folder (/Library/)

In both cases, the offending executables/libraries/whatever are easily removed - In the case of #1, create a new account and copy your old stuff over. In the case of #2, check the startup folder within, perhaps frameworks in some cases (though I have never seen malware that makes use of the OS X framework system) and delete the malware files. The files and folders contained in the Library folder are all nicely, neatly labeled and any malware should stick out like a sore thumb - it can't hide as something like EXPLORE32.EXE.

Yep. This is what Unix security means. Tight permissions control. Permission checking needs to at some point become a background service though, because the way it is, if some badly written application with root access changes the permissions on a folder for whatever reason, it's possible for malware written to look for these permission problems to take advantage of it. But other than that, yes, there is no way to access files outside of /Library and /Users/[username] without permission.
 
Is your info from like 1993 ? Because this little known version of Windows dubbed "New Technology" or NT for short brought along something called the NTFS (New Technology File System) that has... *drumroll* ACLs and strict permissions with inheritance...

Unless you're running as administrator on a Windows NT based system, you're as protected as a "Unix/Linux" user. Of course, you can also run as root all the time under Unix, negating this "security".

So again I ask, what about Unix security protects you from these attacks that Windows can't do ?

And I say this as a Unix systems administrator/fanboy. The multi-user paradigm that is "Unix security" came to Windows more than 18 years ago. It came to consumer versions of Windows about 9 years ago if you don't count Windows 2000 as a consumer version.



Wait, knowledge is ignorance ? 1984 much ?

The fact is, understanding the proper terminology and different payloads and impacts of the different types of malware prevents unnecessary panic and promotes a proper security strategy.

I'd say it's people that try to just lump all malware together in the same category, making a trojan that relies on social engineering sound as bad as a self-replicating worm that spreads using a remote execution/privilege escalation bug that are quite ignorant of general computer security.

Great post! I think the biggest reason security has been so problematic on Windows, aside from the fact that it's the biggest target, is that the default user type is administrator.
The kind of issue in this case, caused by user ignorance, is really the only threat that exists for Windows since XP SP2. Internet Explorer has had sufficient, but very annoying, security measures against this since version 7 and I'm surprised Safari can let these kinds of things slide through so easily.
Security in Windows has been pretty solid for years now, but that hasn't stopped many Linux/Unix/OSX-fanboys from claiming Windows security is like a Swiss cheese. They don't even bother to do some research, they just keep shouting the same old mantra.
 
Sure it is Malware, but that doesn't mean it's not a threat to Mac users, a decent amount of Mac users are not very knowledgeable when it comes to computers, I can see a lot of people going ahead with this install, why? Well it says MacDefender, people could confuse it for an anti-virus software, so yeah I mean it's entirely possible that someone could install this..

Anyway, it's to be expected, in fact when Mac OS does become more popular I think we will clearly find viruses, malware and spyware, that day OSX will become a lot like Windows.. Even anti-viruses today for Windows are not able to get rid of every virus, you have to constantly do updates, even then there's always new viruses, and you're not always going to be protected..

But I don't think that'll happen anytime soon..
 
So that brings the grand total to what, 3 pieces of malware in the wild since 2001?

And still no viruses.

Nothing to see here. Again.
 