Lets not start requiring users to actually read on this site.
Oh snap!
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
New 'MACDefender' Variant Installs Without Admin Password Requirement
- Thread starter MacRumors
- Start date
- Sort by reaction score
Lets not start requiring users to actually read on this site.
Oh snap!
Can't. I had several tabs open with potential pages to look at, and I don't know which one started the download. Not worried about it, 'cause OS X did (to my mind) the right thing. It showed me something was downloading. I knew I hadn't asked for anything to download so I looked at it, recognized it as the MacDefender (or variant - I forget), cancelled the download, deleted it. Moved on to find the picture I wanted.
My point is that a) I wasn't surfing dodgey sites, and b) a download did start automatically.
I do have Java/Javascript turned on, but "open safe files" turned off. Javascript probably allowed the download, but then I was protected by the "open safe files" being off.
Fond memories. I moved to Macs from OS/2. Still being developed, though IBM has sold the rights to eComstation. The OS/2 GUI had a couple of features I would love to see on OS X. Apple and IBM collaborated on, iirc, Taligent. Some of that work made it into OS X, but there was one in particular that didn't make it into OS X that would have been a killer feature. Oh well. Fond Memories, but no regrets leaving Warp behind.
For anyone affected by this one of the local Mac Shops in SLC has posted a removal program
http://www.simplymac.com/blog/2011/05/updated-macdefender-removal-app/
It works well, i used it on my moms MBP after she got it
**note** I am in no way affiliated with, or promoting Simply Mac, I am just passing along a tool that has helped me, and others to the other Mac Users.
http://www.simplymac.com/blog/2011/05/updated-macdefender-removal-app/
It works well, i used it on my moms MBP after she got it
**note** I am in no way affiliated with, or promoting Simply Mac, I am just passing along a tool that has helped me, and others to the other Mac Users.
Apple and IBM collaborated on, iirc, Taligent. Some of that work made it into OS X, but there was one in particular that didn't make it into OS X that would have been a killer feature. Oh well. Fond Memories, but no regrets leaving Warp behind.
I had forgotten about after the IBM/MS split with OS/2 IBM worked with Apple for a while..
Was that the project code named Pink?
I never got a chance to work with Warp but i did work with OS/2 pre-warp abit
My apologies to other members here for hijacking this thread..
Exactly what does MacDefender do? If I was dumb enough to install it wouldn't Little Snitch be bugging me every time MacDefender tries to call home?
Whew.
Yep, social engineering malware is where it's at now. It's easier than writing viruses and generally it's platform-agnostic which is why this scareware technique is effective on a Mac just as it is on a PC. All this Windows vs OSX stuff is good entertainment, but at this point they are extremely similar in all the important respects, and both are reasonably secure OSes. Malware is attacking the weakest component, which nowadays is that thing between the chair and the keyboard. That should be the real takeaway for the Mac community here. Cybercriminals realize Mac owners have money, and they'd like to steal it, and the polished glass and silver fruit logo isn't scaring them off.
Talkin about whats a virus versus a trojan etc may be useful if your goal is to establish that your OS is better than the other guy's OS... but who cares. Your OS can be fort knox but if the user gets outsmarted by the criminal that will be of little comfort.
Yep, social engineering malware is where it's at now. It's easier than writing viruses and generally it's platform-agnostic which is why this scareware technique is effective on a Mac just as it is on a PC. All this Windows vs OSX stuff is good entertainment, but at this point they are extremely similar in all the important respects, and both are reasonably secure OSes. Malware is attacking the weakest component, which nowadays is that thing between the chair and the keyboard. That should be the real takeaway for the Mac community here. Cybercriminals realize Mac owners have money, and they'd like to steal it, and the polished glass and silver fruit logo isn't scaring them off.
Talkin about whats a virus versus a trojan etc may be useful if your goal is to establish that your OS is better than the other guy's OS... but who cares. Your OS can be fort knox but if the user gets outsmarted by the criminal that will be of little comfort.
swingerofbirch
macrumors 68040
I finally had it happen to me. Twice within a couple of seconds. I loaded my "Everything" group of tabs that I open every day, so I am not sure which site triggered it. They are known sites to me, such as macrumors, and several news sites. A pop up appeared saying something about suspicious activity and there was no choice but to click OK. Then some other page appeared that tried to emulate the look of the Finder showing bogus infected files. And then within seconds something had downloaded and was trying to install itself called Mac Guard--I think. I quit the installer of course, but this does start to get a bit sketchy and it definitely feels like a "cheap" experience to have this happen to you. Not something I had expected to deal with on a Mac. It's a nuisance if nothing else, and possibly a sign Apple may need to do something more to prevent these annoyances and hopefully squash the possibility of something more harmful appearing on the Mac. For just browsing a web-site--and not even skeezy web-sites--it seems odd to me.
I unchecked the "Open safe files after downloading" box under Safari's preferences. And I guess for now I'll just delete these files Safari downloaded. I would start considering an anti-malware/virus program at this point if the consensus were that a good one was available.
I unchecked the "Open safe files after downloading" box under Safari's preferences. And I guess for now I'll just delete these files Safari downloaded. I would start considering an anti-malware/virus program at this point if the consensus were that a good one was available.
As long as you do what I've bolded in your response above and are careful about what software you install, you don't need antivirus software to keep your Mac malware free.
I'm curiously interested too. If "MacDefender" successfully installs on a computer, what does it do exactly?
From what I've heard (I haven't been infected myself) it launches multiple porn sites and asks for your credit card details to purchase the 'MACDefender Anti-Virus' software. The ordering process appears to fail, to encourage you to try with more and more credit cards. Of course, nothing is being purchased, someone is just gathering your credit card details.
This has happened to me twice today in Firefox while using Yahoo! Mail.
I had to force quit both times, and both times when I relaunched Firefox, it returned. I took a screen shot the second time and can post if necessary.
Considering this malware can install without an admins password, how do I know for sure that it did not download anything to my computer?
Do you feel it is still safe to shop online/can it steal passwords?
Thank you!
I had to force quit both times, and both times when I relaunched Firefox, it returned. I took a screen shot the second time and can post if necessary.
Considering this malware can install without an admins password, how do I know for sure that it did not download anything to my computer?
Do you feel it is still safe to shop online/can it steal passwords?
Thank you!
You still need to consciously click through several install steps before you're at any risk. If you didn't knowingly click the 'Install' button, you're fine.
Carry on shopping online, you're fine. Have a look in your Downloads folder and just delete any files that were downloaded at that time, you will probably find a couple of Zip's.
Žalgiris;12630439 said:
This thing is starting getting on my nerves.
Real OS, Real Multi-Tasking, and now real Viruses?
Stop making stuff up because you don't bother to look up a definition or just making your own one for the sake of your arguments.
They aren't making stuff up. Mac Defender is not a virus, it's a trojan. It relies on user interaction in order to install itself. It does not self-propagate at all.
Real multi-tasking usually means Pre-emptive multi-tasking, where the OS process scheduler is what decides what gets executed, whereas cooperative multi-tasking (fake multi-tasking), the app is responsible for relinquishing control to backgrounded tasks once it goes into a waiting state.
Real OS that is a toughie. An OS is an OS. No matter if it's single-task, single user (DOS) or Multi-task, Multi-User (OS X).
The only reason these comments get on your nerves is because you probably don't know much about malware and don't understand the distinction. I recommend reading up about it if you want to participate in these discussions in a meaningful way.
No wonder Apple dropped the "Get a Mac" ads where they mentioned NO VIRUSES over 9,000 times.
lolololololololololololololol
But malware like this on Windows wouldn't be, to most people on here.
Mac users are PC users, and certainly not immune to stupidity.
There are still no Mac viruses even though there's been Mac malware around for a while.
We covered this a couple of pages ago.
My argument wasn't regarding MACDefender - I know isn't a virus. I'm arguing against the misuse of definition.
I know that people use real/fake adjectives related to a definition such as multi-tasking. However, people doing this are mostly not educated on what the definition is in the first place and usually bring the level of ignorance up a notch in the forum. And this goes back since the iPad came out and since is taking momentum.
I just would like people to use right definition in their arguments because most times they lead the discussion to nonsense.
Actually, there are. http://www.iantivirus.com/threats/index/query/V/
Perhaps you meant there are no viruses on "Apple OSX Intel"?
Your right I have been telling some of the diehards here that Hacking is on its way to the Apple platform. They just enjoy badmouthing me and saying I dont know what I am talking about. Just this morning the news told of how Lockheed Martins Security Networks have been hacked. This was traced to the RSA Security arm of EMC Corporation. EMC provides protection for most Fortune 500 companies, military contractors and the pentagon.
If this can and is happening to one of the supposedly most secure and protected systems in the world. A system that stores some of the top secret codes of our nuclear weapons etc. I would only think that the diehards on this forum who state the Mac OS is impermeable unless the operator just allows it to happen, would contact RSA & Lockheed telling them to just install the Apple OS and their worries will be over. Yeah right .
http://gizmodo.com/5806485/lockheed-martins-security-networks-were-hacked
Higher profile people have been saying the same for over 7 years, still has yet to materialise though :
http://daringfireball.net/2011/05/wolf
Not saying it will never happen (it likely will one day), but you'd be foolish to claim that this particular incident is definitely the start of a some kind of onslaught.
I am not saying anything except that to think the OS X or something else Apple puts out next, is not being considered by the criminals who write the bad things for computers........that is what is foolish in my view. The bad guys are smarter than you give them credit. We will just have to watch and learn.
The only 100% secure system is a system that is closed loop and not connected to the rest of the world.
I am willing to bet the nuclear weapons stuff for example it is impossible to hack into it because you need a physical connection with the network to get into it.
Another example is for NASA space launches between Florida and Houston there is a wire in the ground that directly connects those 2. You can not hack into mission control at all. It is IMPOSSIBLE to hack into it. Reason is you need a physical connection with that network to do it because it is not hook up to the internet at all.
It's true that there were viruses that affected Mac OS 9 and earlier. None have ever existed in the wild that run on Mac OS X. The iAntiVirus list is bogus, though. For more details, read this.Actually, there are. http://www.iantivirus.com/threats/index/query/V/
Perhaps you meant there are no viruses on "Apple OSX Intel"?
No system is hack-proof and there have been instances of successful hacking on every platform, including Mac OS, for years. This is nothing new.
Lockheed isn't running Mac OS X, so the simple fact that they were hacked is not relevant, except to prove that no system is hack-proof, as has been said many times.
You're obviously confused between hacking attacks and trojans. Like every OS, Mac OS X is NOT impermeable to hacking attacks or immune to malware. The fact is, the only Mac OS X malware that exists in the wild at this time is in the form of trojans, which the user must actively install. As for hacking, there little or no motivation for a hacker to attack a typical user's computer, whether running Mac OS X or Windows, because the average user has nothing of significant value to the hacker. Obviously, a company like Lockheed is a more inviting target to a hacker, because it has information of far greater value than that found on an average individual's computer.
You keep getting rebuttals to your posts because you fail to understand the true nature of the malware landscape and you fail to understand what those who know what they're talking about have been saying. I encourage you to read the bullet points at the bottom of this post.
Well done Apple, looks like they did exactly this in the security update that just came out:
From http://support.apple.com/kb/HT4657