Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
New 'MACDefender' Variant Installs Without Admin Password Requirement
- Thread starter MacRumors
- Start date
- Sort by reaction score
Those weren't viruses. They were trojans and malware. As in Windows didnt stop a program from being installed, just like OS X here.
Any good company (which Apple is) investigates a problem, decides what has to be done and does it.
Well that's a year and a half old.
I have about 7 computers in this house and aside from this imac they are all windows 7 x64. I can visit porn sites and pirate software all day long and still never had a virus/malware. I'd have to go out of my way to get one.
I dont think thats a fair statement...I like many Apple fans, use and enjoy Windows as well.
Until Apple gives me an affordable, user upgradeable, and HW agnostic system ...Ill still use Windows
You know I have to use your post and link as an example of how Apple fans use the term "virus" both ways. For OSX malware is not a virus but then you all use an example list this that all 10 of those are some type of trojan and under your previous defense they are not a virus.
Under what most people think of what a virus is (any type of malware) OSX has viruses. Under the rules you all use to defend apple (exactly what a virus is) Apple has no viruses.
Taking a page from Microsoft's playbook, Apple's software update will be entitled "Apple Security Essentials."
Nobody says (I hope, didn't read the full thread) that people who download it are stupid - since it happens automatically. The problem once the installer starts, that the user is selecting where to install it and clicking through the installer - that is, let's say, not the smartest thing to do (and as you mention, type their credit card info in)
I'm sure their lawyers are meeting about it now.
So true.
I agree. As time goes on this will be more common.
Kind of like Clinton arguing about what is is?
Last edited by a moderator:
trick is that it is only going to get worse. People will load in things like MACDefender into other software. Take it being cracks or pirated software. It is easier to payload the stuff in because people already are installing something so it is easy to slip it pass.
I wouldnt brag about that part
Well I could....but won't. But my buddy on the other hand....
Sophos identifies immediately
I clicked a link to a story on slashdot.org but the url was hijacked and this nasty thing started multiple simultaneous downloads to my iMac instantly. The files were small zip archives, and 2.5 copies were downloaded and one had unzipped before I could cancel the download!
I jumped to the downloads folder to kill anything that I could find...
I was pleasantly surprised that Sophos Antivirus (Free) for Mac detected the threat immediately and thew up a warning window pointing out the paths to the malware files. Sophos could not automatically remove the files, but it did point me to the exact files which had been downloaded and instructed me to manually remove the files.
No connection with Sophos other than I run their software, and obviously, I am glad that I do!
I clicked a link to a story on slashdot.org but the url was hijacked and this nasty thing started multiple simultaneous downloads to my iMac instantly. The files were small zip archives, and 2.5 copies were downloaded and one had unzipped before I could cancel the download!
I jumped to the downloads folder to kill anything that I could find...
I was pleasantly surprised that Sophos Antivirus (Free) for Mac detected the threat immediately and thew up a warning window pointing out the paths to the malware files. Sophos could not automatically remove the files, but it did point me to the exact files which had been downloaded and instructed me to manually remove the files.
No connection with Sophos other than I run their software, and obviously, I am glad that I do!
That is where I came across it too. I was in google images and macdefender downloaded when I clicked on an image. I've had this happen before. Usually it is a windows executable.
It is not usual behavior for the download window to appear with a download in progress after clicking on an image. It is obvious the file and disk image (if one opens) needs to be deleted.
I think most people getting macs do not have this euphoric mentality that they can click on anything and it is safe. The benefit of a mac is that you are extremely unlikely to encounter something that can harm you without your interaction.
There are people who will click on anything and they will get in trouble no matter the OS eventually. But is that an argument against macs being safer? I would also suggest that careless behavior such as clicking anything without thought likely suggests little concern over computers by the individual. Such people are likely to opt for cheap computers; if they are willing to click on anything without concern, then they are not concerned about specs and user interface either. Apple doesn't make cheap computers like these people are looking for. So I imagine the statistics are not in favor of many mac users clicking indiscriminately.
Exactly what I've been saying in these threads.
It doesn't matter one IOTA what the semantics are - trojan, virus, malware, etc - the general public gets an issue with their computer and it all falls under the "virus" umbrella to them. You can argue over what program/code is what all day "in here" - but in the real world - they don't care.
And "virus" is also the blame for any computer slow down amongst those not fully educated. IE - when their system CREEPS to a halt because they have 17 programs/applications open and one 2 megs of RAM. All to often (I have seen it) the first question I've been asked or overheard "I think I have a virus - my computer is operating really slow"
Just one example.
Hey if the people I'm posting that for want to use "virus" for all sorts of malware then I'll oblige.
Take it up with the other posters, not me.
Of course it isn't a fair statement. But it was for the benefit of "fanboy" hurling individuals who seem to be orgasmic over the prospect of OS X malware (while calling it a virus). It wasn't meant for fair minded and reasonable people like yourself.
Will Apple release Lion already or Safari with sandboxing already.
http://cocoaheads.tumblr.com/post/3483212346/lion-sandboxing-and-privilege-separation
Hopefully it will be a FreeBSD Jails port. Capsicum wouldn't hurt either. Running Safari in a Jail/Sandbox would stop these things cold.
http://cocoaheads.tumblr.com/post/3483212346/lion-sandboxing-and-privilege-separation
Hopefully it will be a FreeBSD Jails port. Capsicum wouldn't hurt either. Running Safari in a Jail/Sandbox would stop these things cold.
Last edited:
Still not a virus......not even close. Not even a true threat unless you really are that ignorant to put in your credit card information to a program that just pops up out of nowhere.
Not to mention, it's not even that bad of a malware to be honest. Most of the Windows malware/scareware/randsomware completely hijack the system and will not let you do anything until someone goes into the registry and messes around there, and then has to dig deep into the system files to get rid of its remains. Even most computer techs have to find a way to even allow the computer to let them get into the registry to find the malware. You can remove MacDefender and variants by simply deleting them, and they're gone. Not to mention that most Windows malware downloads and INSTALLS by itself, which is still something that this MacDefender BS cannot do.
THIS IS NOT A VIRUS (had to bold for any ignorant person still thinking that this is a virus for some reason)
Not to mention, it's not even that bad of a malware to be honest. Most of the Windows malware/scareware/randsomware completely hijack the system and will not let you do anything until someone goes into the registry and messes around there, and then has to dig deep into the system files to get rid of its remains. Even most computer techs have to find a way to even allow the computer to let them get into the registry to find the malware. You can remove MacDefender and variants by simply deleting them, and they're gone. Not to mention that most Windows malware downloads and INSTALLS by itself, which is still something that this MacDefender BS cannot do.
THIS IS NOT A VIRUS (had to bold for any ignorant person still thinking that this is a virus for some reason)
You fail for two reasons, sir.
1) You are browsing with the default options in Safari.
2) You are using an antivirus on a Mac to protect yourself from 1.
The key here is a setting in Safari that Apple hasn't changed after years of howling about poor design decisions. It isn't a low level system problem, but a high level problem that should never have been a problem in the first place.
Don't believe me?
Internet Explorer doesn't download and open "safe" files by default for this reason.
Assuming you wouldn't have sophos installed and the installer would have poped up and asked you where to install the application "XYZ" to (an application you never downloaded and never heard of), what would you have done? Select "Machintosh HD" and click through the installer or click "cancel" (or hard reset if you are the really scared type not trusting the cancel) ?
Problem is too many people don't use common sense - sophos might protect people against it after many many others ran into that problem, but there will never be 100% protection against "not thinking". Maybe it is time for better "User Education"? Maybe Apple should make an installer that asks the user if they really downloaded it and from where to verify sources? (well, hopefully not). But the minimum Apple has to do is to turn the stupid "open safe downloads" option off - that is the first thing I do on ever mac I get my hands on.
"Most people"? You have a survey to back up that argument, I assume?
In my experience, the people that fall for this kind of thing are in a fairly narrow band: they know enough about the OS and computers in general to not be frightened by an installer popping up out of the blue, but not enough to know that installers shouldn't be popping up out of the blue.
I deal with a wide variety of Mac and Windows users (albeit not in a random sampling statistical sense). I have yet to come across one who would click through such an installer. They exist, obviously. But "most" is a horrendous stretch.
I disagree, me being an advanced PC user, I've never encountered any issues with Windows, thats because I took the necessary precautions, the vast majority of people are not aware how to avoid viruses/spyware/malware, or even how to remove and deal with them..
I don't think its fair for you to say purchasing a Windows machine is not a intelligent choice, now I assume your like the vast majority of users who aren't very computer savvy and do experience crashes, viruses etc, but do not know how to deal with them..
What I find hilarious is that people often blame Windows, but fact of the matter is, its the users that cause all these issues, when you do a clean install of Windows, you'll find that it performs perfectly, but over the months and years you see performance degradation, do you think that happens on its own? no way, its because of the user..
Conclusion is if you know what your doing with regards to computers then you will have little or no issues with Windows..
And again I'm no fanboy, I actually prefer Mac OSX over Windows any day, infact I don't even use Windows anymore, unless I game.. so I'm not here taking sides, I'm just shedding light on the truth of the matter, you cannot blame Windows for the ignorance of the users..
Yes but the people proclaiming "its over" for apple users don't agree. I'm using their rules.