New Variant of 'Mac Defender' Quickly Evades Apple's Security Update as Cat-and-Mouse Game Begins

[iSee]

Is this the beginning of the end for the Mac's malware protection?

No, it's the beginning of the beginning. We've all been happily living without having to deal with those crappy anti-malware programs but now we're going to have to start

Well, actually I'm hoping that activity on this latest trojan horse peters out like other Mac malware in the past. But it feels like the anti-malware companies are starting to get serious about selling their crap to Mac users, so this is probably just the start of our problems.

 

[0815]

it doesn't take a genius to NOT type in their password and install something.

One exception: In Vista I had to type it so many times that I (almost) stopped reading the dialogs ... lucky that is fixed in Windows 7 (and I had it fixed in Vista by turning the UAC off - that way it didn't bother me with prompts for day to day stuff and I payed again more attention when a password dialog came up)

 

[Drag'nGT]

Looking ahead at Lion, wasn't it released to hackers/security testers? Lion should be more secure.

 

[LegendKillerUK]

do they read news?

http://articles.cnn.com/2011-05-25/....ars_1_malware-applecare-mac-users?_s=PM:TECH

http://abcnews.go.com/Technology/te...aypal-mac-defender-computer/story?id=13691222

if you want I can post many more links for more traditional news outlets reporting about this.

Even our local newspaper had a report about it.

I'm not in the UK (as they are) at the minute but unless it was front cover news they wouldn't see it.

They aren't interested in tech so even the half arsed tech section of regular newspapers won't hit them.

 

[*LTD*]

Wirelessly posted (Mozilla/5.0 (iPad; U; CPU OS 4_3_3 like Mac OS X; en) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)

Booooring. Can we get some variety here, please? Or are we going to have to wait another two years?

Same trojan over and over.

Just lock down OS X, iOS style, and be done with it. Macs will still sell in record numbers.

 

[toxotis70]

Is there any site, to try this malware ?
I am curious to see how stupid i can be...

 

[Popeye206]

I'm just waiting for someone to complain that Apple is "restricting them" from installing software that they want...even if it's Malware.

LOL! You got that right!

 

[blackcrayon]

Bet it happens next week with Lion. Lion will ship with the Mac App Store as the only way to install software by default. it will have an option to install any software. I bet that option is called "Allow untrusted software to be installed" or something scary sounding like that.

If the option is there, what would be the problem? It might be nice to secure less-savvy user systems this way. "Install stuff outside the App Store at your own risk, Aunt Sally". You know, that Aunt whose Win XP machine gets overrun with adware in between your yearly visits.

 

[Apple...]

Wirelessly posted (Opera/9.80 (iPhone; Opera Mini/6.13548/24.871; U; en) Presto/2.5.25 Version/10.54)

Wirelessly posted (Opera/9.80 (iPhone; Opera Mini/6.13548/24.871; U; en) Presto/2.5.25 Version/10.54)



Not gonna happen.

Bet it happens next week with Lion. Lion will ship with the Mac App Store as the only way to install software by default. it will have an option to install any software. I bet that option is called "Allow untrusted software to be installed" or something scary sounding like that.

Um, ok. How is that "locking down" if you can still install applications from other sources?

 

[vartanarsen]

orwellian?

It would be sooo cool to have a clamped down Mac OS (like iOS) that is not open to software except for the Mac App Store, a brick firewall that woudnt allow anything past it.

 

[*LTD*]

Wirelessly posted (Mozilla/5.0 (iPad; U; CPU OS 4_3_3 like Mac OS X; en) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)

It would be sooo cool to have a clamped down Mac OS (like iOS) that is not open to software except for the Mac App Store, a brick firewall that woudnt allow anything past it.

Boom.

Problem solved. This approach is working now, and will continue to work if brought to OS X.

 

[iWinning]

it doesn't take a genius to NOT type in their password and install something.

It DOESNT require the password anymore

 

[batchtaster]

These *******s need to be killed.

 

[Full of Win]

It would be sooo cool to have a clamped down Mac OS (like iOS) that is not open to software except for the Mac App Store, a brick firewall that woudnt allow anything past it.

'Cool' is not the first word that comes to mind.

 

[benthewraith]

Remove open safe files after download

For the love of God Apple, remove "Open safe files after download." That's the whole means of attack right there.

 

[*LTD*]

Wirelessly posted (Mozilla/5.0 (iPad; U; CPU OS 4_3_3 like Mac OS X; en) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)

These *******s need to be killed.

*Guaranteed* Apple already has a solution in the works. They will be damned if they'll allow OS X to become as bad as Windows.

It might be a drastic solution, but it'll be for the best. So stay tuned.

 

[ezdz]

I'm wondering how long it will be before someone makes a malware installer that tries to look like an osx system software update

 

[iWinning]

Wirelessly posted (Mozilla/5.0 (iPad; U; CPU OS 4_3_3 like Mac OS X; en) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)



*Guaranteed* Apple already has a solution in the works. They will be damned if they'll allow OS X to become as bad as Windows.

It might be a drastic solution, but it'll be for the best. So stay tuned.

This was their solution and it did work.... for 8 hours.

People probably almost got a chance to install it before it was bypassed.

 

[*LTD*]

Wirelessly posted (Mozilla/5.0 (iPad; U; CPU OS 4_3_3 like Mac OS X; en) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)

*Guaranteed* Apple already has a solution in the works. They will be damned if they'll allow OS X to become as bad as Windows.

It might be a drastic solution, but it'll be for the best. So stay tuned.

This was their solution and it did work.... for 8 hours.

People probably almost got a chance to install it before it was bypassed.

No, I don't mean this particular solution.

I mean something much, much deeper.

Gruber's been talking about it and it's been mentioned here a few times.

 

[batchtaster]

This was their solution and it did work.... for 8 hours.

People probably almost got a chance to install it before it was bypassed.

You didn't read the release notes.

 

[Amory]

I have a question....

I work for Apple and WANT to install Mac Defender on my machine (external HD with OS X on it).

Anyone know where to find it? I am having a heck of a time finding it!

 

[Apple...]

Wirelessly posted (Opera/9.80 (iPhone; Opera Mini/6.13548/24.871; U; en) Presto/2.5.25 Version/10.54)

I have a question....

I work for Apple and WANT to install Mac Defender on my machine (external HD with OS X on it).

Anyone know where to find it? I am having a heck of a time finding it!

What branch are you part of?

 

[iWinning]

Wirelessly posted (Opera/9.80 (iPhone; Opera Mini/6.13548/24.871; U; en) Presto/2.5.25 Version/10.54)



What branch are you part of?

AppleCare. lol

 

[batchtaster]

Next, I hate how people, instead of placing the blame on Apple for using such idiotic settings and somehow not being able to fix the issue AT ALL, try to say Microsoft is worse. If you knew anything about Microsoft you would know how serious they are with malware.

There is no technical hole to fix. It's a social hole. "Open safe files" or no-"open safe files", people are being socially engineered into stepping through the installer.

 

[whooleytoo]

This may be wandering a little OT, but how is this malware being propagated to so many sites? It seems (by some accounts) to be on quite a few.

Is it possible it's infecting sites via Google adverts?