Mac trojan evades Apple's brand new security fix

Just hours after Apple issued a security update to protect Mac users against a rash of scareware attacks, a new variant began circulating that completely bypasses the malware-blocking measure. The trojan arrives in a file called mdinstall.pkg and installs MacGuard, a malicious application that masquerades as security software …

COMMENTS

This topic is closed for new posts.

  1. Dom 1
    Devil

    In the words of Nelson Muntz............

    Ha-Ha!

  2. Ed 11
    WTF?

    Shocker

    OS X in if-you-install-dodgy-software-dodgy-things-can-happen shocker. Is this news? If, through my own free choice, I run or click through an installer that pops up then I deserve what I get. It's like saying OS X has a built in malware because it ships with Disk Utility and you can use it to format the hard-drive and lose your data if you follow the instructions.

    Wake me up when there is something malicious that requires no user interaction.

    1. Naughtyhorse
      WTF?

      free choice

      wtf are you doing with a mac?

      :D

  3. twunt

    Ed 11

    How does your 'you deserve what you get' attitude help anyone? It doesn't.

    For years the main threat to Windows has not been self replicating viruses, but trojans JUST like this one. People are tricked into installing them by clicking booby trapped ads or popups - they don't deliberately install things they know are going to do harm.

    This is why antimalware software is useful - it warns you that the link you clicked caused a file to download to your machine. Mac users are just as likely to make the same mistakes as Windows users, but with the added advantage to malware writers of being unprotected through some idiotic and misguided sense of superiority.

    Good luck believing that you are too clever to be infected - you truly will deserve what you get when it happens to you.

    1. Ed 11

      Twunt

      Is this the same "idiotic and misguided sense of superiority" that leads me to have ClamXav and LittleSnitch installed? Having grown up with Windows and having to use a Lenovo for work purposes, I'm worldly-wise enough to know that with a few simple steps it is very possible to reduce the risk of being infected to something very close to zero.

      If you want my agreement that vendors should be a little more realistic before painting the picture that their product is secure off the shelf then you have it.

      However if you for a moment think I'm going to run an installer that randomly pops up either now or in the future then you are very much mistaken, and I'm not alone in thinking that mugs who allow such installers to complete have brought their troubles on themselves.

  4. tony
    Facepalm

    I'm ok

    I was slightly concerned about ropey software on my macs, luckily I found some free scanning software called MacDefender which after unlocking the full version removed the problems it found.

    Win Win!

  5. The Fuzzy Wotnot
    Happy

    I bought my trunks!

    I like Apple Macs, glad I moved to them, I think this whole brouhaha is absolutely hilarious! No not the problem, that's boring as hell, I mean watching the rabid fanbois (from both sides), smug-gits and know-it-alls just bickering and fighting amongst themselves!

    I brought my blow-up seahorse ring and swimming trunks for a swim in the forum now awash with venom and much spleen venting!

    Keep at each other lads, it's bloody good entertainment, really cheering my day up!

  6. Anonymous Coward
    Anonymous Coward

    Terrifying

    Isn't this the equivalent of being mugged in broad daylight by a primary school child holding a butter knife? You'd just laugh, tell him to fck off and carry on walking down the street.

  7. andy 45
    Coat

    Re: Mac users get Sophos for free...

    ..But that's an antivirus program and...

    ....this latest issue wasn't a virus!!

  8. Fading
    Childcatcher

    I'm confused

    So which one is better C64 or Speccy?

    1. The Fuzzy Wotnot
      Megaphone

      No way, right!

      My Amstrad 464 has 64k and a built in tape deck and proper full colour monitor attached and my brother's bigger than yours and I have the entire Star Wars collection in my bedroom and I have an endless supply of sweets anytime I want and I have a 22" colour TV in my bedroom and.....

    2. SpaMster
      Thumb Up

      Stupid question

      Speccy all the way! Didn't get any of this malware business with the good old ZX

      I remember the Saddam virus on the Commodore Amiga, now that was a bitch to get rid of!

  9. Chris Reynolds
    Big Brother

    Timing?

    So the Mac is hit by a trojan at the same time as they're launching an app store eh? Whilst I don't think for one minute that they had anything to do with its inception, I wouldn't be surprised if they tackle it by promoting the use of their app store and spinning any outside purchases as risky, perhaps even warranty-voiding?

    It's not necessarily a bad thing but it doesn't bode well for anyone wanting to make software that Apple doesn't want to (re)sell.

  10. SpaMster

    Heard of Firefox?

    Why aren't more people using Firefox with the NoScript plug-in enabled? It's the easiest way to stop all this happening in the first place.

  11. John 48
    Black Helicopters

    Apple must be rubbing their hands with glee...

    I am sure Apple must be viewing this as a glittering marketing opportunity. First you need a bogey man to get people scared and make the draconian medication seem more palatable ("war on terror"?). Then you "offer" to limit software installations to those sourced through the approved app store.

    Shrinkwrap vendors will be encouraged of course to contribute their big high ticket apps to the store as well - to create a better "user experience" with streamlined purchase, install and updates just a click (and credit card number) away.

    How long do they wait until this starts to become the *only* way to get software on the machine?

    Even armed with the DVD bought from the retail dealer, you still need a permission token from the app store. It's just for your added protection you understand.

    Then the software vendors find that every route to market needs participation from the app store. Oddly they have started to charge for this. Only an admin charge to "cover costs" though. Oh, and that charge applies to updates as well. Users, this is in your "best interests" so it's better you just accept it. After all you would not want to have to jailbreak your Mac now would you?

    Software vendors, you obviously would not want to write anything that conflicts with Apple's world view now would you - just in case there is a vetting procedure for software to get permission to be sold to the Mac user base. Remember just because they paid for the thing, it's not their computer. Oh, and we have "simplified" the app store for vendors now - there is no longer a charge for adding your product to the store. Instead we will simply charge a small fee based on 30% of the sale price.

    Any of this sound familiar?

    In true Apple tradition, it's ok to punish your loyal customers, but it's better to get them to pay to be punished. They will like you more that way.

  12. jai

    they've fixed the latest threat now too

    http://www.macrumors.com/2011/06/02/apple-responds-quickly-to-evolving-mac-defender-threat-with-updated-malware-definitions/

  13. Anonymous Coward
    Thumb Up

    Already updated

    The Mac OS X 10.6 malware definitions file has already been updated by Apple to include this latest variant.

    http://www.macrumors.com/2011/06/02/apple-responds-quickly-to-evolving-mac-defender-threat-with-updated-malware-definitions/

    It now contains a huge nine known malwares covering the last 10 years...

  14. jco
    WTF?

    How lame

    How come (most) Mac users feel immune to malware in forums and discussions, yet so many fell in the trap and installed MacGuard and MacDefender when told they were infected by a web page?

    I suppose they act as fanbois when it comes to defending their credo, but deep inside they know something is not right...

    lol

  15. Anonymous Coward
    Unhappy

    they're doing it wrong

    All you need to do to get malware onto a mac is to spend some money on an incredibly annoying, patronising advert with plinky plonky music and play it during every ****ing ad break.

    *Plinky plonky plinky ploinky* Hmm, you don't have mac defender *plinky plonky plinky plonky* If you don't have mac defender then you can't do loads of cool stuff *plinky plonky* and all your friends will think you're poor *plinky plonky*

    et cetera et ****ing cetera

  16. Mr Ian
    Thumb Up

    The Chosen One!

    As a software dev I really do hate the idea of rooting for trojans and the like, but this is superb news! Ladies and Gentlemen, we have a balance in the force!
