New 'MACDefender' Variant Installs Without Admin Password Requirement

[AppleDroid]

So if we don't use Safari (I use FF) then this isn't even an issue? I still cannot believe Safari has a 'open trusted files' as the default or even there at all!

Wouldn't the next thing for Apple to do is obviously get rid of that Safari option but make anything that installs require a password?

 

[GoodWatch]

I love how all the PC guys are happy! LOL!

Still... not a virus... it's Malware and I'm not clicking "Install".

Are they? Haven't the Winblows -> virus -> ha, ha, ha remarks been used to death by the happy people on this site? "I love how all the Mac guys are happy! LOL!".

 

[al2o3cr]

Who's processing payments for these slimebags?

The real question is, who's processing payments for the "MacDefender" people and why aren't they already shut down? Botnets are hard to track down since they just steal resources, but there's got to be a real connection to a real bank account in this someplace...

 

[Žalgiris]

I would say quite the opposite. PC users are used to dealing with this. For them, and me, this is nothing new.

Oh give me a break. Only from my own experience i can go clean and explain pcs of my friends and family and it won't matter how many times i do that.

 

[TheSideshow]

its those stupid pc users migrating over to apple that is making a bad name for macs

Arent those the people Macs are aimed at?

Clearly this isnt a user issue anymore if the installer downloads and launches itself surfing Google Images.

 

[r0n1n]

Coming from an all OS owner I hope at least this will stop Apple fanboys from immediately saying that "Macs don't get virus' ". Learn to pay attention to what you're downloading and take appropriate security measures on your computer.

You guys are aware that this isn't a virus, right?

At best, It's a poorly written trojan/scareware.

 

[inket]

it'll be interesting to see how Apple handles this problem..

They could only allow signed and certified packages. Like the one Apple uses for iTunes.

Big companies that provide packages that install kexts and such could get certification for free from Apple.

And hackers (good ones) who just want to mod the OS (themes etc.) will just have to copy/paste instead.

And... disable that "open safe files" for pkg and DMGs.

 

[Eddyisgreat]

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)

If someone posts a link to the payload of this variant I'll fire up a test OS X vm and make a YouTube vidjyo.

Maybe when people actually see how difficult it is to install this Trojan they'll calm down a little bit.

 

[robbyx]

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)

This is why, in the not too distant future, all Mac apps will be installed through the App Store. This kind of crap is a waste of Apple's time. No one is ever going to invent a 100% secure system. The gate keeper method probably solves 50%+ of security issues.

 

[locust76]

You probably don't have to click through the installer, but you do have to be running as an administrator. Something that no one should ever do on a day to day basis, for any reason.

You don't have to be running as an admin. It says no admin password is required, and installs in user mode for the current user.

 

[coolfactor]

Another question is where the hell are they downloading this. I still haven't come across MacDefender. And I may or may not frequent sites that shall go unnamed.

I happened onto a website that seemed to redirect to this fake Mac desktop. I didn't think much of it at the time, didn't realize it was the Mac Defender scare.

I just closed the window and moved on. No impact.

 

[TheSideshow]

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)

This is why, in the not too distant future, all Mac apps will be installed through the App Store. This kind of crap is a waste of Apple's time. No one is ever going to invent a 100% secure system. The gate keeper method probably solves 50%+ of security issues.

But then your stuck with what Apple wants you to have. Its like being in a nicely decorated jail.

 

[archer75]

Nothing can protect users from themselves. Whether it's OSX or Win7 you have to authorize apps to install or run. And if people are going to do it then they're going to do it.
I know most mac users seem to think windows just gets viruses for even looking at the net but that's not the case. You still have to authorize everything to install.

People are just ignorant about computer seucrity. Give them something to click and they'll do it. They'll click any legit looking email and start typing in passwords. People don't need to write viruses, users are happy to spread crap themselves! The OS is irrelevant with people like this.

 

[KnightWRX]

Do you like contradicting yourself? We can go back and forth between "virus"/malware argument but what's the point.

I have not contradicted myself. Go back and forth on what ? Virus is a type of malware. Spyware is another. Trojans are yet another.

There are Mac malware out in the wild.
There aren't any Mac viruses out in the wild.

Both statements are true.

 

[d4rkc4sm]

Arent those the people Macs are aimed at?

apple should start catering to real mac users again, and not to the lowest common demonator = pc users!

 

[TheSideshow]

I have not contradicted myself. Go back and forth on what ? Virus is a type of malware. Spyware is another. Trojans are yet another.

There are Mac malware out in the wild.
There aren't any Mac viruses out in the wild.

Both statements are true.

Yep

 

[*LTD*]

I have not contradicted myself. Go back and forth on what ? Virus is a type of malware. Spyware is another. Trojans are yet another.

There are Mac malware out in the wild.
There aren't any Mac viruses out in the wild.

Both statements are true.

This is correct.

 

[coolfactor]

I would say quite the opposite. PC users are used to dealing with this. For them, and me, this is nothing new. It's apple users that have been lulled into a false sense of security IMO.

Either way, most computer users, no matter the platform, are just not that tech savvy and don't get this stuff.

Your statement assumes that PCs and Macs have equal security out of the box. That's not the case. Macs are inherently more secure out of the box, without all of the hoop-jumping that PC users need to do.

 

[Michaelgtrusa]

Here we go...

 

[locust76]

I believe you are the one who is mistaken. From the article:

"...Since any user with an administrator's account - the default if there is just one user on a Mac - can install software in the Applications folder, a password is not needed..."

If you are not running as an administrator, you have to authenticate as one in order to install any software, regardless of whether or not it is for you or for everyone on the computer. Try it and see. If you find something that you can install without authenticating, let me know what it is so I can see for myself.

'nuff said.

 

[wangkom]

can't apple sue them ?

lol

 

[robbyx]

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)

Not really. They exclude so few apps. It's not in their best interest to have a limited app selection. The more the better. It's definitely the future of software distribution. It'll take a few more versions of the OS to get people used to it. But pretty soon all platforms will distribute apps this way.

 

[*LTD*]

apple should start catering to real mac users again, and not to the lowest common demonator = pc users!

Most Mac users used to be Windows users at one time or another. Including yours truly.

WTF is a "demonator"?

 

[archer75]

Your statement assumes that PCs and Macs have equal security out of the box. That's not the case. Macs are inherently more secure out of the box, without all of the hoop-jumping that PC users need to do.

Not true. We have only to look to the winner of the pwn2own challenge for defeating macs 4+ years in a row. His statement is Windows is more secure but that macs are safer. Windows has security technologies in it that snow leopard does not(Lion addresses some of those issues). Hell, SL doesn't even have the firewall turned on by default.

 

[robbyx]

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)

This is why, in the not too distant future, all Mac apps will be installed through the App Store. This kind of crap is a waste of Apple's time. No one is ever going to invent a 100% secure system. The gate keeper method probably solves 50%+ of security issues.

But then your stuck with what Apple wants you to have. Its like being in a nicely decorated jail.

Not really. They exclude so few apps. It's not in their best interest to have a limited app selection. The more the better. It's definitely the future of software distribution. It'll take a few more versions of the OS to get people used to it. But pretty soon all platforms will distribute apps this way.