Mac malware already evades scareware security update

Mac users feel the pain of Windows users caught in the middle of a cat-and-mouse game with malware authors.

It took only a few hours after Apple released an update protecting Mac users against the recent MacDefender scareware attacks for a new variant to appear that is immune to the targeted protection Apple currently offers.



A sophisticated social engineering attack that targets Google search results and Facebook has led to thousands of Mac users installing scareware products under the MacDefender umbrella. The scareware, like its Windows lookalikes, prompts users with a phony list of detected threats on the machine, and tries to scam credit card and other information from the user.

Apple had promised a fix for Mac users, and delivered one on Tuesday. The OS X update detects MacDefender variants and removes them, as well as detecting them before they can be installed by the user.

However, it is being reported that within eight hours of the update going live, a new variant was already doing the rounds that is "specifically formulated" to get around the security update.

Since Macs will now automatically look for an updated list of known threats every 24 hours, Apple has the ability to respond quickly to new variants. Some speculate that this is a taste of what is to come for Apple in the near future.

On Windows, scareware and malware threats evolved over time to anticipate countermeasures from Microsoft and the dozens of security firms that offer anti-infection products. It is common for malware to use self-protection mechanisms, such as blocking Windows updates in any of dozens of ways, and blocking communications with anti-malware servers to stop periodic legitimate A/V updates or access to A/V software.

Written by: James Delahunty @ 1 Jun 2011 14:33
  • 9 comments
  • kikzm33z

    herp derp mac never get viruses hurr durr

    1.6.2011 16:29 #1

  • 21Q

    Still, why are people idiotic enough to install it in the first place.

    If you want a nice icon for your iPhone for afterdawn click on the link below. There is a two second delay before the redirect so act fast! http://www.freewebs.com/21qz/afterdawn.html

    Also Check Out My "Pc In An Xbox" Mod. There's a whole Pc inside of it! http://s84.photobucket.com/albums/k6/21q2/Xbox%20Pc/?start=0

    1.6.2011 17:58 #2

  • biglo30

    Originally posted by 21Q: Still, why are people idiotic enough to install it in the first place.
    Lol ikr, but it's good to see the market is kind of even now. I wonder what Mac will say in their commercials now. Obviously it's not virus proof any more. I don't know if many of you remember the hacker who said that Mac security was terrible, I bet some people will be finding that article again pretty soon if this keeps up.


    1.6.2011 19:40 #3

  • flyingpen

    Burn bitch burn

    Carpe Noctem

    1.6.2011 21:15 #4

  • KillerBug

    At least they don't have the dreaded Norton or McAfee viruses...yet...but malware has been on the Mac for a long time...AOL and iTunes to name just a couple.

    http://killerbug666.wordpress.com/

    1.6.2011 22:43 #5

  • xnonsuchx

    Originally posted by 21Q: Still, why are people idiotic enough to install it in the first place.
    More ignorant than idiotic...unless they knew it seemed a little fishy and installed it anyway. If only people would know what to stay away from, they likely wouldn't need ANY anti-malware software, no matter what their OS.

    I'm still shocked that companies are allowed to legitimately advertise this type of stuff (see MyCleanPC/SpeedUpMyPC/etc....usually the same bogus thing under a different name by the same company).

    2.6.2011 02:32 #6

  • SProdigy

    Originally posted by xnonsuchx: Originally posted by 21Q: Still, why are people idiotic enough to install it in the first place.
    More ignorant than idiotic...unless they knew it seemed a little fishy and installed it anyway. If only people would know what to stay away from, they likely wouldn't need ANY anti-malware software, no matter what their OS.

    I'm still shocked that companies are allowed to legitimately advertise this type of stuff (see MyCleanPC/SpeedUpMyPC/etc....usually the same bogus thing under a different name by the same company).
    That's completely false. For one, I've worked in IT for nearly 10 years, and recently saw something totally new. Had a friend with a brand new iMac and his search results were getting hijacked to different pages. Click on something in Google, say MSN.com and it takes you to a random porn site, or other phishing scam.

    The issue wasn't in the iMac itself, instead the router! The factory firmware, which was the only available at its time, was infected with some type of redirect. Luckily for him, his router was compatible with dd-wrt and just like that, an easy fix, albeit a headache to find the issue!

    In my experience I've seen machines infected by being connected to the internet for only minutes. IMO casual users still need antivirus AND anti-malware to protect their systems. Since I'm beyond a casual user, I also double-up with a software firewall.

    2.6.2011 17:46 #7

  • xnonsuchx

    Originally posted by SProdigy: Originally posted by xnonsuchx: Originally posted by 21Q: Still, why are people idiotic enough to install it in the first place.
    More ignorant than idiotic...unless they knew it seemed a little fishy and installed it anyway. If only people would know what to stay away from, they likely wouldn't need ANY anti-malware software, no matter what their OS.

    I'm still shocked that companies are allowed to legitimately advertise this type of stuff (see MyCleanPC/SpeedUpMyPC/etc....usually the same bogus thing under a different name by the same company).
    That's completely false. For one, I've worked in IT for nearly 10 years, and recently saw something totally new. Had a friend with a brand new iMac and his search results were getting hijacked to different pages. Click on something in Google, say MSN.com and it takes you to a random porn site, or other phishing scam.

    The issue wasn't in the iMac itself, instead the router! The factory firmware, which was the only available at its time, was infected with some type of redirect. Luckily for him, his router was compatible with dd-wrt and just like that, an easy fix, albeit a headache to find the issue!

    In my experience I've seen machines infected by being connected to the internet for only minutes. IMO casual users still need antivirus AND anti-malware to protect their systems. Since I'm beyond a casual user, I also double-up with a software firewall.

    And I've worked in IT since 1993...yadda yadda yadda. Yes, it's still a good idea for most users to use anti-malware software. I was exaggerating, in that it would be highly unlikely EVERYONE could learn to completely protect themselves anyway. There are certainly a few 'best practices' everyone who does anything online should be able to learn, though, so they don't have to rely on anti-malware software to catch everything they might stumble across as many of the worst offenders even get by those protections, but likely wouldn't have even been run across if users took some basic precautions. I keep a few anti-malware programs around for occasional scans of questionable things, but never have any active protection constantly running because it's more trouble than it's worth for me.

    2.6.2011 22:42 #8

  • SProdigy

    Originally posted by xnonsuchx: And I've worked in IT since 1993...yadda yadda yadda. Yes, it's still a good idea for most users to use anti-malware software. I was exaggerating, in that it would be highly unlikely EVERYONE could learn to completely protect themselves anyway. There are certainly a few 'best practices' everyone who does anything online should be able to learn, though, so they don't have to rely on anti-malware software to catch everything they might stumble across as many of the worst offenders even get by those protections, but likely wouldn't have even been run across if users took some basic precautions. I keep a few anti-malware programs around for occasional scans of questionable things, but never have any active protection constantly running because it's more trouble than it's worth for me.
    Sorry if that came across as a personal attack, it wasn't. I think what I meant was that the general population is lucky enough to know how to turn on a computer. I always assume the worst case scenario and overprotect anyone's machine I work on, at least in the home user environment, which is wide-open.

    I have a particular aunt though, that I ALWAYS have to fix her machine. Between her and her two adult children, they always find a way to destroy the machine! They either turn off or uninstall the protection, ignore updates and instantly click OK while installing dubious card games and other garbage. They refuse to take my advice on any general practices and it gets irritating.

    As for the office sector I worked in for a few years, I've seen just about every type of stereotypical abuse of a computer. I've seen coffee dumped on keyboards, employees who hit "print" 50 times when the printer is jammed or out of paper, others that open/close their Outlook email after reading their message (wasting tons of time), users with 1000 desktop icons that "can't find their files" and the best: a guy who made his email font the same color as the background and claimed he couldn't "type".

    For the aforementioned email and web casual users, I tell them to get a Mac so a) they don't have issues and b) I don't have to waste my time fixing them!

    3.6.2011 09:46 #9
