back to article Apple admits scareware problem, at last

Apple has finally held its hands up and admitted that the MacDefender scareware package might be a problem, abandoning the line that support workers must on no account suggest to users that their machine might be infected with malware. Contrary to this (unsustainable) line, Apple has now published an advisory explaining how to …

COMMENTS

This topic is closed for new posts.
  1. Greg J Preece

    Much more like it

    Pity they have to be bullied into favouring support over complete denial.

    1. Bullseyed
      Joke

      Re

      My favorite part was where they said the 60,000 to 120,000 number sounded a bit high...

      ...because who knew that many people were actually using Apple laptops and desktops.

      1. Anonymous Coward
        Joke

        Re: Re

        "who knew that many people were actually using Apple laptops and desktops"

        Isn't that only something like 2 per Starbucks? Seems pretty reasonable to me ; )

      2. Anonymous Coward
        FAIL

        Don't quit

        Don't quit you day job!

  2. Anonymous Coward
    Anonymous Coward

    About this supposed denial

    All we have about this supposed denial is Ed Bott's - a well known Microsoft shill - word for written on his regular column called "Microsoft Report"

    I actually went by the Apple Store (well to see the new changes to the store) and asked one of the tech staff (aka geniuses) if they knew how to remove it, he didn't seem to have any problem with it or telling me what to do.

    So sorry but to me this is all bollocks.

    1. Bear Features
      WTF?

      well no

      I also used to be a 'support staff' and it's quite common for the 'official line' to be one thing, but on ground level one actually does try to help the customer face to face otherwise one looks like a dick.

      Fact is:

      1. why has it taken this long for Apple to issue something?

      and

      2. I thought it was totally impossible to get anything untoward on a Mac, regardless of user stupidity? The argument has always used random and meaningless words like "Unix".

      Humble Pie doesn't always taste so good huh? That why when I bought my Mac I just bought the product and did not subscribe to the church. I don't like superiority complexes because they are usually short lived, as we are seeing ;o)

      1. Anonymous Coward
        Anonymous Coward

        Impossible

        Being a "support staff", I would've thought you would take the time to research things a bit more - although my experience of some "support staff" is to just read through a script.

        It has never been "totally impossible to get anything untoward on a Mac regardless of user stupidity". What has been mentioned many many times is that a virus can't (or at least ones that are "in the wild") get onto the system via vulnerabilities without the user doing something (like entering the admin password). This is in contrast to Windows where you could get infected just by connecting to the internet (ok, so this particular flaw has been corrected by patches, but there are others that are being patched all the time).

        1. Wize

          Re Impossible

          "What has been mentioned many many times is that a virus can't (or at least ones that are "in the wild") get onto the system via vulnerabilities without the user doing something..."

          Ones that can do such things are not in the wild. Not yet.

          No system is impenetrable. It just has to be worth it for someone to do so.

          1. Anonymous Coward
            Pirate

            Hmmm

            I am neither pro mac or against it, but a quick search on the obviously evil and fraudulent Google shows lots of places where there the implied position is that you are safe from malware on a Mac (or *nix for that example).

            Lots of them. Seriously, visit google and put some searches in. Its amazing.

            When a strain of malware does appear, taking the position that "no one ever said it was impossible" is a bit of a cheat.

            Traditionally it has been Windoze users who have tried to defend their OS's poor history by saying "it could happen to anyone" and this gets shouted down by the Mac / *nix users as nonsense.

            I have no major issue in the fight - I have a MacBook and a Windows PC that dual boots Windows vista and Ubuntu. I do not think one os is inherently better, or safer or more yellow or whatever stick you want to show off with, than the other.

            I do, however, think it is pretty close to lying to claim that Mac supporters havent made the claim that you can use their OS and be safe from Malware.

            1. Toggi3
              Go

              unix/mac/xyz/blah being immune to malware

              Nobody *reasonable* ever said it was impossible to be infected with malware on *whatever*. Especially if you include trojans in that mix. where you have to be stupid enough to download and run and install with admin permissions a malicious bit of software.

        2. Arkasha
          FAIL

          @AC & +++ath0

          I take it neither of you have heard of sarcasm then?

          1. Anonymous Coward
            Anonymous Coward

            Have you ever read...

            Any of Ed Bott's jihad pieces? Anyone who has and looked at the responses on zdnet can surely be forgiven for not noting sarcasm when it occurs.

        3. Bear Features

          haha

          Now the story has changed from 'never' being able to get a virus to 'well... maybe'.

          Like I said, Humble pie time.... extra portions to the church goers ;o)

          1. Anonymous Coward
            Coat

            Humble pie?

            From Windows users? LOL

            How much new crap came out for you in the last 2 weeks?

            Enjoy your viruses, malware and all kind of crap old Billy Boy lets through without even a peep, let alone acknowledgment.

          2. Anonymous Coward
            Anonymous Coward

            Re: haha....

            @Bear Features....

            I think you need to look up the defintion of VIRUS vs MALWARE. The story hasn't changed from those of us who are aware of these things. It's people who write stuff without researching things properly that give the impression that Apple users think they are not vulnerable, or show people as not knowing what they are on about.

            Much like your comment really

          3. John Bailey
            Pint

            Nope.. Sorry

            Fanboys don't do humble pie.. They do revisionist trifle. With a nice side order of panicky redirection.

            They "just work", except when they don't. In which case, everybody is expressing unrealistic expectations, cos "nothing works perfectly all the time"... And when other manufacturers have problems, nobody says a word.

            Other gems include.. "every phone has a death grip problem".

            Nobody wants cut and paste,

            nobody wants 3G,

            nobody wants a second mouse button.

            Until they become available on the holy objects that is.

      2. Anonymous Coward
        Anonymous Coward

        What?

        Who ever said it's impossible for users to install anything bad into the Mac, or any Unix for that matter?

        It's been widely reported that Snow Leopard included malware detection for stuff well before this one: http://www.theregister.co.uk/2011/03/22/apple_mac_malware_update/

        And the end of day if you give something the admin password you're trusting it to do the right thing. Whoever thinks otherwise is seriously deluded.

        I don't know why it took so long for Apple's official solution for this to come out - if about two weeks is that long.

        Maybe they thought this could be controlled using Google's Fraudulent website list and "Safe Browsing" feature (used by many browsers including Google's own Chrome and Safari) before coming out with the bigger gun of adding a signature to the OS?

      3. Anonymous Coward
        Boffin

        @Bear Features

        Agreed. My head office of a Aussie brown-goods chain doesn't go out of their way to screw over the customer, but they will often impose limits on what I can do to help them outside of our usual send to the service department option. This is most often visible in that I'm limited to 10 minutes per support query in store, and I certainly can't offer to do any cash in hand work after hours as it competes with another wing of the biz. Any reasonable business HAS to give at least SOME leeway to their customers in support, whether it's their own product or just one they offer. The fact that Apple know their product should mean this shit shouldn't happen. At all.

        And I don't get most of the comments here. I don't care what operating system you use, guaranteed there will be some kind of privilege escalation exploit that can be taken advantage of. I don't know if Mac has silent installs, but it would only take the combination of the two to fuck people over on a massive scale. In both the damage to their computer and the damage to their wallet after buying an expensive paperweight the manufacturer refuses to support.

        AC for obvious reasons.

    2. Anonymous Coward
      Anonymous Coward

      Umm

      @Arkasha

      Sarcasm? In "Bear Features" post? Wow must be a really stealth one as I tend to have a good detector.

      @AC 11:40

      Just tried that with "Mac trojan" and "Mac safe trojan" and all the first pages of links found are all from people saying Macs do have them.

      Care to share you own apparently magical query terms? I really doubt anyone in their right mind will say Macs are safe from any malware users install.

      1. Anonymous Coward
        Anonymous Coward

        @ +++ath0

        And the links are people arguing with others who are saying macs dont. They arent just people randomly saying "hey, do you know my apple gets viruses..."

      2. Steven Knox Silver badge
        Boffin

        Sarcasm Detector.

        @+++ath0:

        'Sarcasm? In "Bear Features" post? Wow must be a really stealth one as I tend to have a good detector.'

        Try this bit again:

        '2. I thought it was totally impossible to get anything untoward on a Mac, regardless of user stupidity? The argument has always used random and meaningless words like "Unix".'

        If your detector still did not go off, there may be an issue with it. Please follow these steps:

        1. Is your detector a brilliant Apple iRony, or a cheap non-Apple knockoff? If it's an iRony, you're obviously using it wrong, as it's flawless. Please return it along with all of the original packaging. No refunds.

        2. If it's a knock-off, well, we don't service those. Sorry.

  3. Frankenstein
    Thumb Down

    "At last"?

    what would you soon they say "oh yes here's a problem good luck with that" or "oh yes here's a problem, here's how you fix it while we work on a permanently solving it"

    1. EnricoSuarve
      FAIL

      Yes "at last"

      The keywords in both your replies were "oh yes here's a problem" which is what was missing beforehand so yes "at last".

    2. Annihilator
      Stop

      Erm, yes?

      "what would you soon they say "oh yes here's a problem good luck with that" or "oh yes here's a problem, here's how you fix it while we work on a permanently solving it""

      In short, yes. But more specifically, "here's a problem, *we're aware and are working on it*".

  4. Anonymous Coward
    Jobs Horns

    Criminal Negligence

    "Staff were actively discouraged from helping customers to diagnose the problem"

    Sounds like criminal negligence to me! Good job you've been stockpiling that cash Steve.

  5. banjomike
    FAIL

    staff were actively discouraged ...

    I call that "actively encouraged to lie to customers". Another aspect of the legendary Apple "screw you" customer relations technique.

    1. Ivan Headache

      Actively encouraged to lie?

      I thought the they were told not to admit that therewas a problem.

      A completely different scenario.

      In almost 15 years of Mac support - I'v e never yet come across a 'screw you' response from Apple's support teams.

      In fact just the opposite - I've had out of warranty macs replaced for free when failed parts cannot be obtained.

      1. banjomike

        Of course it encourages lying

        If you ring support and explain a problem you probably would like an accurate and truthful reply. If the support person has a postit(or whatever) which says "do not admit to a malware infection" then you will not be getting a truthful answer. Hence, lying.

  6. Captain Haddock
    FAIL

    Moral of the story...

    Don't type in your admin password when you haven't got a clue about what you're installing.

    Complete user FAIL.

    1. Anonymous Coward
      Anonymous Coward

      User vs System

      Hmm, I sort of agree. It is a fail but it is the user or the OS.

      Least Privilege makes sense but it needs to be properly implemented and users have to be TRAINED in how to manage it. Simply assuming home users, who have bought the nice shiny white box cos it cures cancer, will think to create various accounts and monitor permissions properly is doomed to failure. On an epic scale.

      Apple encourages its users to not be techno-savvy - they dont need to be 'cos everything is easy and just works. Except when it doesnt.

      Have a proper OS where permissions are not blanket "Admin" or "user" and things might get better. Cant think of one that works though.

      1. Anonymous Coward
        Linux

        re: Have a proper OS ... Cant think of one that works though.

        *NIX-style group-based security is fairly effective.

  7. Anonymous Coward
    Anonymous Coward

    Mountain/Molehill

    malware/scareware isn't anything new on any platform surely? It relies on the user actively allowing it - it's not self installing/replicating/spreading like a virus

    1. The Fuzzy Wotnot
      Stop

      Stop!

      This is genine old style Windows vs Mac slanging match!

      Stop making sense or trying to bring a reasoned argument to the table, just grab a beer and some popcorn, and watch the fanbois on both sides slagging each other off!

      1. Tom 13

        Shouldn't that be

        "grab a beer and a pint mug, drink the beer and just slug the nearest combatant with the mug like everybody else is doing."?

        Personally I'm of the opinion that while I know Macs are less vulnerable, they aren't invulnerable, but most of the comments from the Mactards even here on El Reg have tend toward the invulnerable. There have of course been a few notable exceptions. And this particular piece of nasty sounds exactly like one of the ones that has been plaguing Windows for ages.

  8. Ted Treen
    Flame

    The problem is...

    ...not with the kit or OS.

    It's with the user. And I've said the same thing regarding similar nasties on Uncle Bill's platform.

    If you've a nice petrol-engined car, and you fill it with 14 gallons of diesel, would you expect the manufacturer to sort it for you, and fix it under warranty?

    If you would, then you're not entirely reasonable.

  9. Anonymous Coward
    Flame

    Easily infected

    "works as easily on Mac fans as Windows users"

    Actually the concept is proportionally more likely to work on Mac fans than on Windows fans:

    o Most Mac users have never seen anything like this before, and are therefore more like to believe it to be true and click through

    o Most Mac user believe Macs are safer, and are therefore less likely to be suspicious

    o Most Mac users will believe Apple when they say there isn't a problem, so Apple's stance has only made the situation worse.

    The fact is, users are stupid, no platform is safe, and vendors have a responsibility to be honest to those who buy their products.

    We in the IT industry need to stop bashing each other and bash the vendors more into making things safer. Apple have seriously dropped the ball by delaying this one.

    1. Frederick Tennant
      Alien

      Easily infected

      Yes, users are the problem. How can somebody install a program which they have no idea if it going to help them, reading information from the install site without checking is just plain nuts.

      If a strange man approached you in the street and said "come with me if you want to live and you follow him down a dark ally, don't be surprised if you get mugged.

      Do you remember the intel inside badge which was renamed, "idiot outside" in the early 90's well its time to bring them back for our Granny Smiths.

      1. Wize

        @Fredrick Tennant

        Yep, we wouldn't go with a stranger. But most people on this site know more than the average computer user. Most users are like children and would follow the stranger to see some puppies.

      2. Anonymous Coward
        Troll

        Bring down the user

        Users are a problem. Agreed. By this token all Operating Systems are equally vulnerable because the users are a problem.

        Life would be so much easier if systems could be designed and then not used by users, wouldnt it?

        I mean, it is simply just not possible to design a system that guides the user to staying safe.

    2. Arkasha

      Yes, but...

      I also wouldn't expect the manufacturer to instruct its dealerships to tell their petrol-car-buying customers that everything's okay despite the fact the dealership can clearly see the car's full of diesel. That's the real issue here.

    3. Anonymous Coward
      Anonymous Coward

      Users

      Shame people dont need a licence to drive a computer, isnt it?

      I mean, its not as if the nozzles are different sizes or the thing colour coded to help is it?

      With malware, its designed to look legit. How dare these stupid users follow on-screen instructions when using a Mac.

    4. Ivan Headache

      Re; Most Mac users have never seen anything like this before

      Not true. This type of malware has been around for ages.

      We've been seeing it pop up randomly on web-sites as long as I can remember using the internet.

      What is different this time is that it doesn't look like a windows app running.

      1. Anonymous Coward
        FAIL

        What is different this time ...

        ... is that it looks different, which is why "most Mac users have never seen anything like this before".

  10. uhuznaa

    Makes sense with that scamware

    I mean, this was scareware that pretended to be a virus-cleaner. Giving a vague "malware problem" publicity by confirming that there is a new Mac malware going around would probably make the usual headline-skimming users more, not less prone to fall for that thing. Actively ignoring it and playing it down until you offer a clear document what this is and how to remove it actually makes sense in this case.

    BTW, you remove this thing by throwing the app into the trash and emptying the trash. Lol.

    1. jonathanb Silver badge

      Not that easy

      If you need an admin password to install it, then it puts things in places other than the application folder.

  11. jeffo

    Nobody expects Microsoft to do anything about viruses/malware

    When a virus or malware hits Windows machines, nobody expects Microsoft or the machine manufacturer to sort it out, so why is everybody making such a big deal about Apple's slow response?

    And of course Macs can be targetted by viruses/malware, it's just that as the installed base is smaller, they're not such a prime target. Also, the inbuilt security is probably slightly better, but certainly not bulletproof.

    1. Arctic fox
      Happy

      No all those evil bastards at M$ (The Great Satan) do is......

      1. Cooperate actively with internet security professionals.

      2. Issue regular advisories themselves.

      3. Issue regular updates/patches where known issues exist.

      4. Provide one of the best AV packages on the market free, gratis (Security Essentials)

      5. Actively cooperate with Jurisdictional authorities to trace, obtain the evidence, arrest and convict the criminals who engage in this kind of shite.

      Nah, they don't do nuffin', fuck all really.

      1. Anonymous Coward
        Jobs Halo

        You forgot the bit where they...

        Say ...... off, it'll be fixed next patch Tuesday or the one after that, sometime, when we get around to it. That is your missing item 6. I suggest application of sanity in the form of downing a few Redds is needed for your obvious oversight in not including item 6.

    2. Anonymous Coward
      Anonymous Coward

      Carriage Return APPLE

      Apple are more than just the OS manufacture when it comes to their devices. They do this to ensure that things "just work" so they have to accept some responsibility when they dont....

  12. LPF
    Thumb Up

    Again....

    When Macs have a virus problem like windows then they will have a problem. But you will notice they dont! and considering the Uderlying UNIX system is run by most of the major financial organisations in the world , you would think the writers would target Unix vulns..

    They dont target Macs with viruses becuase of the simply fact that unlike Windows is damned hard to propergate a Virus via UNIX systems , GET OVER IT PEOPLE!

    Now social malware like this mac denfender relies on user stupidity and there is no software that can defend against that!

    1. Peter Gathercole Silver badge
      Unhappy

      @LPF

      I agree with your sentiments, but I would dispute that major financial institutions use UNIX primarily because it's safer. In actual fact, all of the financial institutions I've worked at (and there have been several) all shield even their more secure OS's from untrusted traffic with layer-upon-layer of additional protection (filewalls, port filters, content level filters etc.), and often run their internal networks in segregated segments for security purposes.

      Mainly they use UNIX because it has scaled better in the past, has been easier to port applications between different vendor platforms running UNIX, and has better Enterprise RAS features and vendor support than most other popular platforms.

      With very large Intel systems, virtual machine support, and major vendors differentiating their Intel platforms with RAS enhancements, these advantages are being eroded over time.

    2. Stupidscript

      Not quite accurate

      "Uderlying UNIX system is run by most of the major financial organisations in the world"

      While most intelligent corporations do use some variant of Unix or Linux, nobody but Apple uses the mutant FreeBSD variant on which Apple based OSX.

      1. Tone
        Jobs Halo

        Think Sony Use Linux..

        Looks like there is a new version:

        Antivirus firm Intego today reported that it has discovered a new variant of the "MACDefender" malware that ups the ante by not requiring an administrator password for installation. The step is accomplished by installing the application only for the current user.

        http://www.macrumors.com/2011/05/25/new-macdefender-variant-installs-without-admin-password-requirement/

  13. TRT Silver badge

    But you must admit...

    It's a damn sight easier to kill this kind of thing on a Mac than it is on a PC!

  14. George 24

    Microsoft is expected...

    To remove malicious software. It releases an update for this purpose every month. Having said this, the corporate line for many organisations, IT or not, is denial of issues to start with, then comes the real solutions. Apple, Telstra, M$, Governments all do it.

  15. Annihilator
    Black Helicopters

    Tin-foil hat

    I started responding to someone else's post about how any user (Mac or otherwise) has to ultimately lay trust at someone's doorstep when installing any piece of software. I then started pontificating about how they could get around that hurdle, who could "sign" software as legit. I then thought "ooh, and App Store controlled by Apple would work" and then shuddered.

    Is there the remotest possibility that this was deliberate? Is the solution from Apple going to be "only buy from our App Store and you'll be fine"? Or am I just seeing shadows...

    * sound of heli-rotors despatching from Cupertino.. *

  16. firu toddo
    Alert

    Teacup Storm

    Chill out guys, non story in the making!

    Apple issue a memo (Sez the bloke from M$) telling support not to tell users they have malware on the machine. So what, they don't, the problem is a scam site. You need to reassurance and help and the Genius Bar staff happily tell you how to avoid the issue.

    End of the Apple story.

    You want to blame somebody? OK, Did you sign up to the scam, give em money or install software? YOU did?

    Well YOU did it, not the computer, not the manufacturer of the computer or the OS or the fairies at the bottom of your garden. But YOU.

    If you believe giving money to some random twat you've never heard of from the interwebs who took control your computer, scanned it and now tells you how to fix a problem you didn't know you had then that is YOUR problem.

    YOU, OK?

    1. Annihilator
      FAIL

      What you've missed

      "Well YOU did it, not the computer, not the manufacturer of the computer or the OS or the fairies at the bottom of your garden. But YOU."

      Correct, but they're paying for Applecare, i.e. paying someone to fix any problems that develop, regardless of who causes them. The best analogy I can come up with is a user accidentally puts an offensive image as their desktop wallpaper and doesn't know how to switch it back, they take it to Apple for help and get the official response of "there is no offensive wallpaper" instead of them switching it back for them.

      Yes, it's the users fault, but in asking for help, they're told there is no problem to begin with.

      1. Ivan Headache

        But what you've missed

        Is that they are paying for Applecare to give an extended warranty for Apple Products. Not for the products of some Russian scam-artist.

        Your 'best' analogy about wallpaper is pretty pathetic - instructions for changing wallpaper are in every mac (and you know it) - And Applecare would tell you how to do it if you didn't know - because switching it is 'part of an Apple product'.

        What Applecare won't do (along with DellCare or AsusCare or SonyCare etc) is fix your MS Office when it screws up again, or your CAD package or your Adobe package or your Epson printer.

    2. P Zero
      Terminator

      o really?

      Ever heard of privilege escalation? Silent install toggles? YOUR PROBLEM.

      1. Bullseyed

        Re

        YOU DID IT.

        Except when Windows gets a virus. Then it's totally Microsoft's fault according to the Apple commercials.

        Right? RIGHT?!!?!

        1. Anonymous Coward
          Anonymous Coward

          Well yeah? @bullseyed

          MS made a shitty operating system that has more holes than a colander?

          How is it not their fault? You're talking viruses here, not trojans like mac defender.

          This is not even Mac fanboism, almost ANYTHING out there is better than Windows: Linux, Mac, FreeBSD, OpenBSD, BeOS, HP-UX, Solaris, QNX, iOS, NetBSD, Android, ChromeOS, Plan 9, Hurd, VMS, etc.

          Windows just sucks at security compared to ALL these.

          1. Blitterbug
            Stop

            @AC Well Yeah?

            Wrong, actually. My own small IT outfit has removed dozens of these things in the past few weeks on Windows and NONE of them has been an infectious virus of the traditional kind. I stopped seeing those a couple of years ago, tbh. They are all trojans these days, mostly vicious and (admittedly) tough to remove as they often include (or download) TDSS rootkits.

            I have personally removed many dozens in the past year that masqueraded under around 20 different "AV" names (XP Police AV, MS AV 2011, etc etc etc) and they vary from simple to incredibly time-consuming to deal with.

            I'd say over 90% of really nasty viruses on PC atm are of this ilk. So why is the huge volume of PC infections always MS's fault, when nearly all modern infections starts with a "Your PC is infected. Click here now" warning?

            As another poster said, the IT community should stop mud-slinging. Users are users, and every non-teccy Mac user I know swears to me that they are immune from viruses, which is a singularly dangerous attitude and mentioned only as illustration that the problem is one of education, and not solely platform-based.

        2. jonathanb Silver badge

          Re

          If you get a virus simply by visiting a website, opening an email, or even, in the past, just connecting to the internet, that's Microsoft's fault.

          If you get a trojan by purchasing it off some banner ad, installing it, and approving it at the UAC prompt, that is your fault.

  17. Anonymous Coward
    Flame

    Safest thing to do...

    ... is to euthanise all apple machines.

    There - fixed ;)

  18. Andrew Hodgkinson
    WTF?

    Here we go again

    If people were so convinced that Macs were immune to any kind of malware, why did they download an anti-virus package from a website that said they had a virus? A virus that they believed they couldn't get? Nope; they were all too happy to believe what the web site said.

    They downloaded the package, double-clicked on the installer, clicked through the warning that the package may be malicious (you get that for any downloaded executable), clicked through the installer procedure, typed in the admin user name and password and then ran the software. Some even then went and typed their credit card details into its GUI.

    If people really *did* believe their machines were immune, they never would have believed the web site saying it had a virus and never would have downloaded, or been infected by, the malicious package in the first place. Oh, the irony!

    1. Jean-Paul
      WTF?

      Only the stupid ones did

      Andrew, only the stupid ones did. Most likely formed by years of Windows use and with little faith.

      I've seen it pop up several times and had a good look and laugh for fun. It looks so fake it is beyond believe, not even close to Finder. My wife on her macbook who normally asks about things even saw that thought it was just one of those stupid windows targetting ads and instantly clicked it away. My daughter on her iMac, well that machine is locked down with parental control, but is also clever enough at 8 years old to ask someone else when not certain what they are doing.

      But you can't protect against gullable people, I've kicked off several friends from links on social networking sites as they seem to say yes to anything.

      It would be nice when the fanboys see this for what it is, it is a con, it is not a system vulnerability. And this is not the first time, anyone want a pirated vesion of iWork?

      1. Anonymous Coward
        Anonymous Coward

        Only stupid people get malware?

        Ok, I can sort of agree with that.

        Can we stop saying Windows is at massive risk of viruses and malware then, because, basically, only idiots do things that will lead them to get infected?

        1. Jean-Paul

          Malware yes

          @AC, I agree social engineering malware that cons people into it it is the same. Never has been any different nor pretended to be difference.

          Virus or Trojan quite a different story.

          <devil>Just buy your software from the AppStore only and you'll be ok</devil>

      2. Bullseyed

        Re

        "Most likely formed by years of Windows use and with little faith."

        Even when sh!tty Macs get viruses it is Windows fault.

        Bill Gates must have an amazing piece of code over there to extend such influence.

  19. andy gibson

    Will some good come out of this?

    Will Apple take action against "Mac Defender" and hopefully do something to try and put a stop to this kind of thing on all platforms?

  20. Captain Scarlet Silver badge
    Go

    hmm

    At least the malware removal looks simple enough.

    1. Anonymous Coward
      Happy

      Yes, obviously no devious stealth techniques here then...

      1. Find process, kill it.

      2. Find app, delete it.

      Simples.

  21. Robert Grant
    Happy

    @andy gibson

    Apple won't take action, as Mac Defender didn't use rounded icons. But if they HAD, there'd be a lawsuit filed faster than you can spell frivolous!

  22. gef05

    Impossible

    It's a Mac. It's impossible. This is Big PC spreading lies and innuendo. PCs SUCK.

    Etc etc etc ad nauseum.

  23. Joe 35
    Stop

    "proves that other platforms are not immune to malicious software"

    That should read "proves that idiot / naive* users are not immune from installing malware whatever platform they are on"

    * delete as applicable. Preferably literally.

  24. twunt

    stop being such a TWUNT

    firu toddo - your superior attitude isn't helpful. Not everyone who gets infected is as savvy as you. In fact, they might have bought a mac because someone just like you told them how great and safe they were and how they don't get viruses.

    People make mistakes - they click things they shouldn't, then they follow the process through. Someone who believes the initial pop up is unlikley to stop believing it at the point of entering their password are they?

  25. Anonymous Coward
    Anonymous Coward

    Malware-Like?

    It's not "malware-like" it is malware, plain and simple. It seems even now Apple can't quite bring themselves to admit in clear unequivacal terms that malware exists or is even possible on their hallowed OS.

    And before you start, fanbois, I don't care if it's a virus, trojan or whatever - it's all malware and I don't give a toss how it propogates. The attitude of "you don't need an anti-malware application if you've got a Mac" simpy holds no water for users who don't have a clue what they're doing. I know windows users who've been similarly clueless and fallen for similar scams and their AV software has saved them. And again that's not to say OSX isn't more secure than Windows, it's that MS actively encourage their users to install AV software. Apple OTOH actively discourage their users from installing AV software. As a result of this Apple have to take some of the blame for this malware getting onto their users' machines.

    1. Ivan Headache

      Can you point to that in an Apple doc.

      I've never seen an Apple doc that actively discourages people from installing AV software.

      They sell AV software in the Sops and on the online stire

    2. Joe 35
      Thumb Down

      "Apple OTOH actively discourage their users from installing AV software"

      Obviously not enough in that case, because that's what these prats thought they were installing !

  26. BinaryFu
    Pirate

    Hackers don't infect computers - users do.

    ANY computer is vulnerable to infections of ANY sort, provided you have two main factors in play:

    1) Someone found an exploit and wrote code to utilize it.

    2) A user was stupid enough to give it root access.

    Any platform, any OS. Period.

  27. twunt

    Stop lying jeffo

    jeffo- MS makes it very clear to users that they'll need anti-virus protection - they even provide MS Security Essentials for free.

    Go into an Apple store and ask one of the assistants whether you need malware protection - I guarantee they'll say no.

    Its all very well blaming users, but if they've been led to believe that they're safe then Apple really needs to take responsibility - its good to see that they finally have.

  28. twunt

    LPF - that's what security software does!

    Lots of c-nuts commenting that 'software can't stop an idiot from installing something' - it CAN! That's exactly what AV/Anti Malware software does do!

  29. Walt French

    Sue the bastards

    What?!? It's possible for users to install software on Macs?!?

    Who knew? Why didn't I get high-priority warning emails from Apple?

    Obviously, the company is responsible for any junk that users put on their machines, if they let users install a single app.

    Obviously totally irresponsible of them to allow users to put programs on their computers, and to connect to the internet with them. Sue the bastards!

    Right, Register?

  30. Jamie Kitson

    You Have To Admit

    Those clean up instructions are very straight forward.

  31. Anonymous Coward
    Welcome

    AppleWar

    I do like how if a MS Windows based machine gets malware its down to a problem with the underlying operating system, yet if a Mac gets beasties then it is all, 100% the users fault.

    I, for one, bow to our granny smiths overlords.

    1. Anonymous Coward
      Pint

      Well...

      I'd hazard the guess that it all started in zdnet-land. Why might you ask? Well, for years there are people who blog and post there (I know I'm insane for visiting that site, thereg is much more amusing, now back to the thesis) have been claiming that viruses and other malware on Windows are all the fault of the user, not Microsoft's at all. That and they claim they have never used AV or related and never had an infection etc.

      What is truly amusing is the same people are now claiming that that isn't the case with this storm in a teacup. That it's all Apple's fault and the world is ending (Harold Campling should be proud that this occured on/around May 21).

      Basically, it's all just a bunch of tossers screaming louder, looking for their chance for glory. That or it's all a conspiracy and there are people behind the people etc that are controlling it all. Stuff it, beer is needed. I've read too much zdnet and brain cells need to be culled to remove the memories.

    2. Joe 35

      " I do like how if a MS Windows based machine gets malware ..."

      ... its down to a problem with the underlying operating system, yet if a Mac gets beasties then it is all, 100% the users fault."

      Yes, that would be because thats the case.

      I a large proportion of the time, it IS split between the MS WIndows platform and the user, whilst in the Macs case it is ALWAYS the users fault.

  32. Puck

    so THAT'S what Apple will do with their $50bn cash pile:

    buy an antivirus company!

  33. Stevie Silver badge

    Bah!

    It's not about hubris, or comparisons to Windows, lads. It's about the denial.

    That's the real difference between a mac and Windows. If a mac malfunctions in some way you'll only hear about it if you know what the problem is to start with and can find it on the Apple forums.

    If a Windows vuln is discovered it is on the back of milk cartons within the hour.

    I never heard of anyone getting an exchange from Dell having to sign an NDA, either.

  34. Christopher Cowan

    I got the pop up yesterday

    Looking through images of houses on Google I clicked on a picture of a house I liked and the browser turned into a bad facsimile of the Finder showing all sorts of infections overtaking the machine. I was asked to install MacProtector and it had downloaded the zip file file and asked for Admin password. Quick Cancel and in to the trash and problem sorted.

  35. DJ Particle
    Jobs Halo

    Still no Mac worms in the wild

    Back in 2005, I had to re-OS my Windows-powered SHOUTcasting machine with XPsp2.

    Got it all loaded up with XPsp2, Ad-Aware, Spybot S&D, and Sophos AV.

    Keep in mind this is a FRESH INSTALL hooked up to the Internet.

    Sophos found 12 infections, Spybot S&D found about 15 more, Ad-Aware found about 3 more after that.

    Worms. Viruses that self-replicate and take advantage of holes in the OS to install without any user interaction. Windows 7 is still susceptible to these kinds of attacks today.

    I have yet to see that kind of infection succeed on a machine running MacOS X. So far, all these Mac viruses have been Trojans, requiring a PEBCAK. Windows users still have no right to gloat.

  36. Marketing Hack Silver badge
    Jobs Horns

    Sounds a lot like vintage MS

    I remember when viruses first started being really noticeable in the Windows environment. At first, MS did the "don't worry, be happy" thing themselves, but over time MS did start getting serious about security.

    Seems that Apple needs to make the same voyage.

  37. edog
    Joke

    Apple's next steps!

    Now that they have admitted that viruses for Mac do exist, their next step will be:

    1. Embrace the virus

    2. Commoditize the virus

    3. Make but loads of Money off the virus

    I put a comic up on my site this morning:

    http://www.slowroadtoknowhere.com/2011/05/apples-new-api.html

  38. bruceld

    Steve jobs responds...

    "the alleged malware on my apple computers are a non-issue because I spank my fanbois...er customers if they misbehave. I am God and they do as I tell them. Okay time to change my liver...bbl suckers"

  39. Rolf Howarth
    Flame

    Oh dear

    The quality of comments in these forums has declined dramatically in recent months. There's so much misinformed crap on here I don't even know where to begin.

    1. This isn't a virus, it's a trojan. Any platform which lets you install software is susceptible to social engineering attacks. Just like Windows, you need to enter your password to confirm you want to install and run software you download from an untrusted site.

    2. Four or five days to fully investigate an issue and come up with a clear statement, rather than rushing out something misleading or incomplete, doesn't seem particular tardy, nor does telling support staff not to do or say anything that could make it worse until the investigation is complete seem particular irresponsible.

    3. Only someone stupid or misinformed would claim that Macs *can't* get viruses (though sadly forums such as this are ample proof that there's no shortage of either). I believe it's still true to say that while Macs certainly could be susceptible to a virus, the number of actual viruses out there in the wild *currently* that pose an *actual* threat is approximately zero. Nada. None. (A few proofs of concept, or cross platform Java or Flash exploits that have either long since been patched or never properly targeted the Mac, but no serious live threats). This means that *currently* there is little or no point anyone with a Mac should buy AV software. This could all change in future of course (and lots of people, from credit card thieves to Mac bashers through to AV vendors would wish that to be the case, so you'd have to be very naive to be too complacent).

    4. Ditto for malware, there is little or no serious malware targeting Macs at present. That's why this one is news, after all. Again, that doesn't mean there might not be more in future, especially as the Mac's market share continues to increase, or that Mac OS is technologically superior to Windows. If Windows is more susceptible to malware then that's only because most PCs come with so much demoware and crapware pre-installed by the manufacturer and alerts popping up from software they've never heard of that users are preconditioned to clicking Yes when a strange message pops up telling them they need to install something.

  40. REunson

    FUD from one source Ed Bott

    "Apple's support centres sources told ZDnet that anywhere between 60,000 and 125,000 customers had contacted the facility with malware-like problems."

    Wrong. Wrong. Wrong!! Apple support centres sources did not tell ZDnet anything. Ed Bott concocted the 60,000 - 125,000 number himself. He arrived at that number after a so called "anonymous insider" said calls that "REFERRED" to Mac Defender had exploded.

    http://www.zdnet.com/blog/bott/an-applecare-support-rep-talks-mac-malware-is-getting-worse/3342?tag=mantle_skin;content

    The word "REFERRED" is very vague, it could be just callers asking for advice.

    When Arstechnica did a more thorough investigation, to find how bad the problem was, they found there had been a marked increase but the problem wasn't anywhere as bad as Ed Bott portrayed.

    http://arstechnica.com/apple/news/2011/05/malware-on-the-mac.ars

    Ed Bott then comes up with an internal memo, that say's support staff are not to help. But, as actual Mac users have attested, support staff have only been too happy to help.

    Has anyone else found that Apple was ignoring the problem except Ed Bott?

    Apple are well known for not commenting until they researched the issue, this is no different.

    Ed Bott also posted links to Apple forums, where the number of infected users has also exploded. But, if you actually read the forums, 95% of the posts are helpful instructions on how to remove and avoid the trojan.

    Ed Bott then comes up with the 60,000 - 125,000 number, based on no evidence at all.

    http://www.zdnet.com/blog/bott/apple-continues-to-tell-support-reps-do-not-help-with-mac-malware/3375

    Where has all the information come from that the whole web is suddenly using as verified facts.

    One source. Ed Bott.

    He got riled by John Gruber when he called him out for crying wolf. Now Ed Bott is on a FUD campaign. Plain and simple

  41. Clint Sharp

    I found half a maggot in this Apple

    I think the main problem lies with Apple and their fanbois.

    I've lost count of the number of times I've met Apple users in my day to day working life who religiously believe that their sainted machines are invulnerable to malware of any sort.

    Sure, we're mostly techy types in here and yes, we know when not to give a piece of software a password or agree to install something (although I will admit to clicking the wrong button once or twice, experiencing the 'ohnosecond') but the same old argument applies, you *have* to educate the lowest common denominator.

    Preaching that a platform is invulnerable or worse denying the existence of an extant and demonstrable problem does not do that, it makes it *more* likely that the average 'I just wanna get on me facebook mate' user will do something stupid.

    FWIW, despite some of my more rabid anti Apple/fanboi posts on here, I do like Apple computers I just despise the attitude of the company and the fanbois.

  42. Anonymous Coward
    Anonymous Coward

    This changes everything, again

    'nuff said.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019