Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

New Variant of 'Mac Defender' Quickly Evades Apple's Security Update as Cat-and-Mouse Game Begins

The reason Apple doesn't want to directly address this is what happens when there are 10 or 100 malware apps like this? Are they really going to have Security Updates for them all? Apple's current solution won't scale unless they put significant amount of resources into it like Microsoft has. If not, they are going to get horribly burned by the multitude of malware variants.
 
fishmoose said:
But there's no permanent solution for you not to get another ear infection. And there's no permanent solution to eliminating malware problems no matter the platform.
Click to expand...

you're talking about something different here. there's "cure" and then there's "immunize". no one's talking about immunity here. and for that matter, there *are* vaccinations against illnesses.
 
Running a Standard Account

If I don't run in admin mode and run in standard mode instead, will I be safe from the malware? Also will installing iAntivirus help at all? :confused:
 
TheLee said:
thanks, i'm here all night.

seriously though, are they not teaching metaphor in schools these days? let me be more literal: just because the incentive may exist does not mean that the reality is there.
Click to expand...

That was too easy. But really, if you're going to use a metaphor, use one that suits.

DanMan93 said:
If I don't run in admin mode and run in standard mode instead, will I be safe from the malware? Also will installing iAntivirus help at all? :confused:
Click to expand...

The latest version can install without an admin password so I imagine standard user accounts are also affected.
 
dagamer34 said:
The reason Apple doesn't want to directly address this is what happens when there are 10 or 100 malware apps like this? Are they really going to have Security Updates for them all? Apple's current solution won't scale unless they put significant amount of resources into it like Microsoft has. If not, they are going to get horribly burned by the multitude of malware variants.
Click to expand...

Sorry to be a broken record, but it's not like the malware puts itself there. You have to do it yourself for the most part.

It's like meeting a nympho outside an STD clinic. What do you think is going to happen if you have an encounter there? Odds are...
 
I can totally imagine Steve Jobs getting news of this, clapping his hands together and saying: "Well, team... Looks like we got a challenger. How bad should we kill him??"

lol
 
gkpm said:
The difference between anti-virus companies and doctors is that the anti-virus companies employ the same people who can write viruses. Most are actually ex-black hat and did so in the past (tend to be the best at figuring out how to detect them)

Doctors don't employ viruses/bacteria/etc that cause diseases. They also don't need to because those patogens can replicate and mutate themselves, so there will never a shortage of them.

It's pretty clear that with today's complex viruses someone is bankrolling them, they're not done by bored teenagers anymore. Detecting such viruses before the competition is a big money business, therefore it's quite safe to assume the AV companies are behind many of them.
Click to expand...

(bolded part in question) Really? jump from vague contingencies to a firm conclusion? and i don't know where you get your numbers that "most are actually ex-black hat."

obviously someone is bankrolling malware writers. how about, i don't know, organized crime? there's big money in getting cc information and getting people to fork over their cash under false pretenses. and aside from organized crime, the only major counterexample i can think of is Stuxnet which may have been bankrolled by the US government.

you realize that many computer malware actually *do* replicate and mutate themselves (at least more sophisticated ones)?

people really need to read up more about the AV industry and security issues before tossing around wild theories.
 
gkpm said:
How does Security Essentials help when trojans are changing hours after the detection signatures were updated?

Hint: it doesn't. They signatures not updated in real time.

No need to bring in the anti-virus when the problem aren't viruses, they're trojans.
Click to expand...

I said it's a good deal more, and it is. It does more than just trojans. At no point did I say it was bulletproof.
 
GFLPraxis said:
I'm amazed people are still stupid enough to manually download and run this considering all the press coverage it has received.
Click to expand...

I have only heard/read about this on MacRumors. CBC radio isn't talking about it and I haven't seen it on TV either.



s.
 
BLACKFRIDAY said:
I wonder, you'd say the same thing if your mom or dad would have caught up with this.

Not everybody is smart or a genius.
Click to expand...

It takes very little to think if your that dumb then yes even my parents deserve it. But they don't because they actually think first.

Even in old age they ask and learn about the real world and not walk in a fog. Yes my parents are dam cool. :cool:
 
DanMan93 said:
If I don't run in admin mode and run in standard mode instead, will I be safe from the malware? Also will installing iAntivirus help at all? :confused:
Click to expand...

You'll be safe by just turning off "Open safe files" in Safari, and not running dodgy applications that the browser downloaded without you asking.

Not running as admin helps even more.

No iAntivirus will not detect it.
 
LegendKillerUK said:
That was too easy. But really, if you're going to use a metaphor, use one that suits.
Click to expand...

man, far be it from me to put the crown on here, literature ain't my thing, but come on! viruses/malware? doctors and AV people? "infection"? how is that *not* suitable. throw me a bone here.
 
mr.steevo said:
I have only heard/read about this on MacRumors. CBC radio isn't talking about it and I haven't seen it on TV either.



s.
Click to expand...

You need to show some cleavage to get on those types of medium. Maybe we one of the crackers was showing off her panties we could get it on the TV. :rolleyes:
 
Yamcha said:
I don't think there is anything to be amazed about, I think most Mac users are not very computer savvy, which is why they chose Mac OS in the first place, OSX has always been very user friendly.. Which is a good thing..

But that also means there will be a lot of users downloading and installing this..
Click to expand...

Well, I am sure you can find same same amount of 'not very compter savvy' people on windows too. Honestly, it is just stupid to label people based on their preferred OS as 'computer savvy' or not. I am using computers (programming, build my own, ...) since almost 30 years and switched a few years back to Mac ... does this make me now not 'computer savvy' ???

I think the main problem is that Mac users up to know didn't have to worry about this **** and are not expecting it. Even technical people feel safe on the Mac (Though they might use more common sense than none technical people)
 
TheLee said:
man, far be it from me to put the crown on here, literature ain't my thing, but come on! viruses/malware? doctors and AV people? "infection"? how is that *not* suitable. throw me a bone here.
Click to expand...

It felt rather exaggerated that's all.

The problem with the average Windows user is they believe they are safe because they had to get an antivirus solution, whether it be from the shop they bought the computer from or from a technically minded relation. I know, I have to fix them at work.:p
 
Yamcha said:
I don't think there is anything to be amazed about, I think most Mac users are not very computer savvy, which is why they chose Mac OS in the first place, OSX has always been very user friendly.. Which is a good thing..

But that also means there will be a lot of users downloading and installing this..
Click to expand...

While I agree mostly with your statement, this isn't 1991. We're talking 20 years of common knowledge and safe computing practices. Kids are now taught these basic concepts in elementry school. Seriously. My 7 year old niece had homework about viruses... computer viruses!

But that is why I think this scam has worked so well. It plays on the fear of viruses, but still... I get legit software ads (Mac Cleaner for instance) that want to scan my system and the like, and I still don't do it. UNless I willfully navigate to a site to look at software, not touching it. Anyone under the age of 60 should know better by now.
 
Can anyone see what it is that apple does to try and detect this malware? Is it a specific string in a plist or what?

Couldn't this malware be generated dynamically by the bad guys to do some randomization in function names and what not thereby evading any and all malware detection by apple as each app will be unique?
 
Also, instead of updating that list of bad malware once a day, wouldn't it be better to also download that file automatically every time a package installer or app is downloaded from the internet?

This is not a daily activity (installing new apps) so it shouldn't be too bothersome.. What do you think?
 
Wirelessly posted (Opera/9.80 (iPhone; Opera Mini/6.13548/24.871; U; en) Presto/2.5.25 Version/10.54)

0815 said:
Yamcha said:
I don't think there is anything to be amazed about, I think most Mac users are not very computer savvy, which is why they chose Mac OS in the first place, OSX has always been very user friendly.. Which is a good thing..

But that also means there will be a lot of users downloading and installing this..
Click to expand...

Well, I am sure you can find same same amount of 'not very compter savvy' people on windows too. Honestly, it is just stupid to label people based on their preferred OS as 'computer savvy' or not. I am using computers (programming, build my own, ...) since almost 30 years and switched a few years back to Mac ... does this make me now not 'computer savvy' ???

I think the main problem is that Mac users up to know didn't have to worry about this **** and are not expecting it. Even technical people feel safe on the Mac (Though they might use more common sense than none technical people)
Click to expand...

...especially since this is just malware, and not a virus.
 
Ok lets start with information:

dentified by security firm Intego, MAC Defender spreads via search engine optimization (SEO) poisoning—that is, it uses commonly searched terms to get prominent placement in search engine results. So, users looking for legitimate protection against viruses on their Macs might be duped into downloading and installing MAC Defender instead.

So basically its not just a trojan but also uses SEO so that someone :rolleyes: looking for Mac virus software gets spoofed WTF :confused: when do Apple users look for virus software?

Things that make me go :eek:

I did a search on Google and the first thing to pop up was this.

http://antivirus.about.com/od/antivirussoftwarereviews/tp/aamacvir.htm

Could not find anything in the first two pages for mac defender so I call this one myth busted.

Went to Torrent Search and same thing nothing on Mac Defender so exactly how are these people getting it?

The comments says it all http://www.macdefender.org/index.html
 
Last edited:
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back