Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

New 'MACDefender' Variant Installs Without Admin Password Requirement

Macsterguy said:
Open “safe” files after downloading:

If this is selected, Safari automatically opens the types of files listed, but it won’t open software programs.
Click to expand...

Apparently it does it anyway ...

But even if it would not open "software programs" ... many documents can in the meantime also contain executable code --> no document/download should ever be treated as 'safe'.
 
REM314 said:
Coming from an all OS owner I hope at least this will stop Apple fanboys from immediately saying that "Macs don't get virus' ". Learn to pay attention to what you're downloading and take appropriate security measures on your computer.
Click to expand...

Macs don't get viruses

had to say it -- certainly not 100% true, but when it comes to true "viruses" I have yet to see anybody reference an actual "virus" on the mac. i am certain somebody could spend the time and find an exploit on the mac to put a virus out there, to date that has not occurred to my knowledge.

KnightWRX said:
They still don't, when did you get the impression that Macs get viruses ?
Click to expand...

Exactly!

TMar said:
Do you like contradicting yourself? We can go back and forth between "virus"/malware argument but what's the point.
Click to expand...

I'll quote KnightWRX's response first....

KnightWRX said:
I have not contradicted myself. Go back and forth on what ? Virus is a type of malware. Spyware is another. Trojans are yet another.

There are Mac malware out in the wild.
There aren't any Mac viruses out in the wild.

Both statements are true.
Click to expand...

Exactly... No operating system, no matter how secure, can prevent a Trojan. The key element of a Trojan is social engineering (i.e.: tricking somebody). It is the con-artist of malware. A virus is like a thief that breaks into your bank account without your help and steals your money. A trojan is the guy that phones you and tells you he is from the bank, needs to verify your account number and online banking password before proceeding to talk to you about some new offer, and you actually give him the information he is asking for. He then proceeds at his leisure to break into your bank account and take your money. Another analogy.... a virus is the thief that picks the lock and the trojan is the thief that asks you to open the door for him. If you open the door for the thief are you going to call the lock manufacturer and complain?

The fix for MacDefender is easy. Simply disable the option in Safari to automatically run "safe" files since obviously, Safari's definition of a "safe" file is a bit off.

For Apple, they either need to force that option to be unchecked and remove the option OR they need a much better definition of "safe file". I am of the opinion that no file should EVER be automatically executed when downloaded.
 
Last edited by a moderator:
Since macs are getting more popular, got to create more jobs by having this crap begin. Only scary part is if this truly can install without user intervention, what kind of payload will the next variant bring!
 
Yamcha said:
I disagree, me being an advanced PC user, I've never encountered any issues with Windows, thats because I took the necessary precautions, the vast majority of people are not aware how to avoid viruses/spyware/malware, or even how to remove and deal with them..
Click to expand...

One thing you should note is what "the necessary precautions" are.

Presumably, it includes installing every update Microsoft puts out the moment it is published, avoiding web sites etc which tend to hard zero-day exploits, and a healthy dose of common sense.

I don't think its fair for you to say purchasing a Windows machine is not a intelligent choice, now I assume your like the vast majority of users who aren't very computer savvy and do experience crashes, viruses etc, but do not know how to deal with them..

What I find hilarious is that people often blame Windows, but fact of the matter is, its the users that cause all these issues, when you do a clean install of Windows, you'll find that it performs perfectly, but over the months and years you see performance degradation, do you think that happens on its own? no way, its because of the user..
Click to expand...

So long as that clean install of Windows is not connected to the Internet, that is true. But, Windows has had many zero-day vulnerabilities in the past, and you also have to figure in the "Windows Update" extra vulnerability time (unless "necessary precautions" also includes burning the latest updates to disk from an up-to-date computer).

Conclusion is if you know what your doing with regards to computers then you will have little or no issues with Windows..
Click to expand...

"Little" is accurate. "No issues" is incorrect.

And again I'm no fanboy, I actually prefer Mac OSX over Windows any day, infact I don't even use Windows anymore, unless I game.. so I'm not here taking sides, I'm just shedding light on the truth of the matter, you cannot blame Windows for the ignorance of the users..
Click to expand...

I agree with this general statement. You just can't forget that user ignorance is only a part (granted, a significant part) of Windows' legendary vulnerability to viruses and malware.

It has always been true that it is a lot easier to prey on a user's delusions of knowledge and make them shoot themselves in the foot than to prey upon a system's innate security failings. Stuxnet and Conficker both spread amongst the most diligent (other than completely detached from the Internet) users' machines, taking advantage of unpatched zero-day vulnerabilities. But, that's a very different target than your average script kiddie wanting to gather up a hundred thousand CC numbers so they can sell them for a buck apiece.
 
ten-oak-druid said:
Yeah lets look to microsoft to see how it is done.

Lets compare:
Windows 7 vulnerable to 8 out of 10 viruses

And this one piece of malware discussed here is one out of millions of pieces of malware.

Frankly I do not see purchasing a windows machine as an intelligent choice at all. But fanboys will be fanboys.
Click to expand...

Do you think you could come up with some sources more recent than 2009?

I have a source here from 2010 that shows Windows 7 32-bit had an infection rate of 3.8% of machines. And Windows 7 64-bit had an infection rate of 2.5%.

And you call anyone who buys a Windows Machine, a "fanboy". Sounds like a very Fanboyish comment to me.

I have tried OS X on Tiger, and Snow Leopard, and found it simply not to my liking, I simply prefer Windows. But I guess that makes me a fanboy then.

But as you say, "Fanboys will be Fanboys"
 

Attachments

  • Infection Rates for Operating Systems.png.png
    Infection Rates for Operating Systems.png.png
    46 KB · Views: 108
Last edited:
Open “safe” files after downloading - If this is selected, Safari automatically opens the types of files listed, but it won’t open software programs.

Apple needs to remove the option and/or at least change the wording...

Removing the option will cause many more download pop-ups and people will stop paying attention and click thru...

Apple needs to make some really bad products for a while so people will go back to buying PC's...
 
flopticalcube said:
Has a third party confirmed this or are we taking the word of a company that sells av software?
Click to expand...

Don't ruin the game ... they are intego invested money in creating their mac apps and they need people to buy them now. They can only keep they hype up by updating with more and more information

Seriously: I think its true, but still no cause of sleepless nights
 
The most funny part of this whole news item...

Even macrumors users don't know the difference between a virus and maleware..

I saw some posts... omg, I couldn't stop laughing.

I love all you people!!!! But get you facts strait. <straight (sry I am Dutch, and trusted my apple spellcheck)


O en btw... for all the people that feel the need to make clear Apple has maleware just as much as microsoft... If people write maleware or a virus for an OS... it means it's successful.. So cry your harts out!!

And another thing... the REAL problems and the real maleware and viruses.. that are used by the serious people.. And I don't mean some semi-class russian mafia... but the real deal... hehe, Thats some other level of hacking... Your "detectable" virus or maleware is peanuts compared to the thing that are financed by some big groups. Even system managers in big company's sometimes don't acknowledge that it could be the case there whole network has been hacked.. We Just Don't Know half of it. As long as we have not detected it.... Once in a while we find these kind of things, an believe me, the biggest security guys I know are still amazed for a while.. these hackers are really really clever, and on a completely different level as 99% of the other hackers.. We can't be sure but we think this all goes cross platform.
 
Last edited:
World Citizen said:
The most funny part of this whole news item...

Even macrumors users don't know the difference between a virus and maleware..

I saw some posts... omg, I couldn't stop laughing.

I love all you people!!!! But get you facts strait.
Click to expand...

And some users don't know the difference between straight and strait. :rolleyes:
 
DavidLeblond said:
Can you guys please stop saying "Uhh this isn't a virus!" Back in the DOS days Trojan Horses were called Viruses. They started being called "Malware" when anti-virus companies realized they could charge people twice for protecting against two different things. Its safe to assume people are talking about "Malware" when they are saying the word "Virus", nitpicking over the two is stupid and makes you sound arrogant in my opinion.
Click to expand...

Virus are hiding in existing files, ie, existing applications or documents. They are very difficult to detect and remove without anti-virus software (how would you tell that your recent Word document contains a virus?).

They are on a different level because you cannot easily find and remove them. Everybody with any basic computer knowledge can remove this malware.
 
Some people are overly excited about this news.

I told my wife about this who is the least technical person you will ever meet. Her words...

"I can't believe how stupid people can be to fool for this!?"
 
Macsterguy said:
Open “safe” files after downloading - If this is selected, Safari automatically opens the types of files listed, but it won’t open software programs.

Apple needs to remove the option and/or at least change the wording...

Removing the option will cause many more download pop-ups and people will stop paying attention and click thru...

Apple needs to make some really bad products for a while so people will go back to buying PC's...
Click to expand...

The wording is technically correct. It's not launching any 3rd party software programs. It's launching the package file which launches Installer which is Apple software. The Apple software then, if the user clicks through, installs the 3rd party software.

The point is, it's not automatically running 3rd party code. It's automatically running safe, Apple code. What you do at that point is effectively outside of Safari's scope of caring.

Should Installer automatically run? Well that's a separate issue.
 
Old vs New from a Mac evangelist POV

Old:
Mac users are far more intelligent
Evangelize Apple to Windows users to show the light
Macs dont get "viruses" used as a catchall for malware
Macs users dont need to worry about malware
Mac users need to download malware and install it to get it
Macs need the password to be entered to install malware

New:
Mac users are falling victim to malware because idiotic Windows users switching
Macs still dont get "Viruses" (Does not apply to malware and trojans anymore)
Malware has been an issue previusly, is now, and will continue to be
Mac users still need to click a continue on a self downloading and opening installer
Macs dont need to enter the password to fall victim anymore to certain malware



*These do not necessarily reflect my views and opinions
 
TMar said:
Do you like contradicting yourself? We can go back and forth between "virus"/malware argument but what's the point.
Click to expand...

but...a virus is a virus. and there are no viruses on mac os x, despite there having been viruses on 9.

you cant just change the definition of language because you dont like it.
 
Benjy91 said:
Do you think you could come up with some sources more recent than 2009?

I have a source here from 2010 that shows Windows 7 32-bit had an infection rate of 3.8% of machines. And Windows 7 64-bit had an infection rate of 2.5%.

And you call anyone who buys a Windows Machine, a "fanboy". Sounds like a very Fanboyish comment to me.

I have tried OS X on Tiger, and Snow Leopard, and found it simply not to my liking, I simply prefer Windows. But I guess that makes me a fanboy then.

But as you say, "Fanboys will be Fanboys"
Click to expand...

Agreed everybody should use what they like best (for me its Mac OS). But one rule is true for all operating systems: The biggest security thread to the system is the user - if common sense is used you should be mostly fine. I was using Windows since 3.11 and my last windows machine was a vista box. I never ever had a virus or malware on my machine. Every OS can be used in a safe way and you can take down every system with malware - all depends on how you use it.

That whole name calling is just stupid - luckily it's just a minority, but unfortunately it is a pretty loud minority.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back