MacDefender

Options for forcing OS X to update malware definitions

Apple's latest security update implements new malware definitions for Apple's XProtect feature to notify users if they have downloaded or installed the latest malware scams that target OS X users. In addition to locating and removing these threats, Apple has implemented a method to keep the malware definitions updated on a daily basis so users do not have to keep installing security updates to address these threats. While users can wait a day to have the system update the malware definitions, there are a couple of other options people can do to force an update to the malware … Read more

MacDefender taking on more names of legitimate software packages

The MacDefender developers are continuing to uphold their criminal attempts to steal Mac users' information by changing the name of their scam software yet again. So far they have been using the naming scheme of the word "Mac" followed by a security-related word such as Defender, Security, or Protector. The latest name to be used for this software is MacShield, and as with the other names appears to be a drop-in change to the same interface used in the other malware. Unfortunately, beside being confusing to users, this naming scheme is adversely affecting legitimate Mac developers who have … Read more

Apple quashes latest version of MacDefender

Apple is updating Mac OS X Snow Leopard systems with protection against the latest variant of MacDefender, after criminals wrote a new version of MacDefender to circumvent the OS X malware detection added earlier this week.

A new entry for "OSX.MacDefender.C" is being pushed out via automatic updates to the Xprotect.plist file that contains the signatures for identifying malware, according to a report published by Italian Web site Spider-Mac.

The malware writers are likely to continue creating new variants, but Apple appears willing and able to try to stay on top of them.

MacDefender is … Read more

Apple's malware detection update circumvented in 8 hours

Update (June 2, 7:51am): In less than a day Apple's Snow Leopard is back in the lead with the ability to detect this new variant.

Let the cat and mouse games commence. Less than a day after Apple tackled the malware threats in OS X with an updated implementation of its malware detection technologies, the MacDefender malware developers have issued another variant that bypasses Apple's definitions to root out and remove the malware.

As described by ZDNet editor Ed Bott, the new variant comes as a download called "Mdinstall.pkg" and will run without being … Read more

Apple's new malware security offers daily definitions updates

The recent MacDefender malware (aka MacProtector and MacSecurity) scams have duped a number of people into unknowingly offering their credit card information. In the days and weeks following the initial reports of this malware we and other sites covered the scope of it and how to remove it. Apple followed by issuing a knowledge base article of its own on how to remove the malware, and also mentioned that OS X would be updated to include detection for this malware.

As CNET's Josh Lowensohn reported earlier, Apple today released a security update that addresses this threat by providing OS … Read more

Apple security update targets MacDefender malware

As promised, Apple's released a security update to address the MacDefender malware, as well as its known variants.

Security Update 2011-003, which went out to Mac OS 10.6 Snow Leopard users this afternoon, adds file quarantine and built-in removal of the MacDefender malware.

"The installation process for this update will search for and remove known variants of the MacDefender malware," Apple's support document reads. "If a known variant was detected and removed, the user will be notified via an alert after the update is installed."

The MacDefender malware, which also goes by the … Read more

Apple standard procedures won't work with security

On May 24, Apple posted a support forum entry on how to avoid or remove the MacDefender malware that's been plaguing an unknown number of users since early May. And I'm glad they did. But the support forum is way overdue, and Apple's standard method of responding to user issues--ignore them until they won't go away and then issue a response when the outcry gets too loud--simply won't fly where user security is at stake.

Mac users are a juicy, unprotected target for hackers, phishers, and scammers, and Apple needs to drop the impenetrable fortress … Read more

Securing your Mac from the new MacGuard malware variant

The MacDefender phishing malware for OS X has caused a bit of concern in the Mac community. People who inadvertently visit the false "Apple Security Center" Web site are downloading the installer for the scam software and installing it. This has previously required users to interact with the software installer and provide an admin password to install the package; however, as reported on by CNET editor Elinor Mills, a new variant installs the program under the current user's account and uses an install option that does not require an admin password.

Overall this new variant is not … Read more

Updated rogue AV installs on Macs without password

A new version of rogue antivirus malware that targets the Macintosh operating system does not need victims to type in their administrator passwords to install and infect the machine, a security company said today.

The latest version of the malware has been overhauled to look like a native Mac OS X application and is using the application name MacGuard, according to an Intego blog post. But particularly concerning is the fact that unlike previous versions, which were dubbed Mac Defender, MacProtector, and MacSecurity, MacGuard installs itself without prompting for the admin password.

"If Safari's 'Open safe files after … Read more