Apple Plans Update to Address MacDefender Malware

[Ronnieboy]

Wasn't there a "how to get the bunny to post again" thread? Who had -Mac virus and shoutout by ERD50?

[Ed_The_Gypsy]

As always, one of the best defenses is do not fall for con jobs. As Jimmy Buffet says, There is no dumb-ass vaccine.

Glad to hear from you again, cfb!

[ERD50]

Quote:

Originally Posted by cute fuzzy bunny http://www.early-retirement.org/foru...acs-31008.html Here you not only imply that by buying a mac you are effectively immune from malware, you malign people who warn the mac community to be more careful, you claim that anti-virus protection is not needed or worthwhile on a mac, and you suggest this creates additional value. And you started the thread! So yes, you did say it.

Well, I feel confident in leaving it to anyone who wants to slog through that thread to determine for themselves if that is an accurate characterization of what I wrote.

But I'm not going to do the back-and-forth with you on this again, we've played that 'game' and it was always tedious and ultimately unproductive. I'm moving on.

Regardless, the OP brought the subject up, and since there are Mac users on the forum it's good to get these issues aired so they can be informed and take whatever precautions are needed. And if I come across something that I think could be helpful, I'll post it. Like I did in post #7 in this thread, where I pointed out that it "Looks like this got a bit worse:" when a version was released that didn't require a pass word for installation.

That hardly seems consistent with someone you claim will 'malign people who warn the mac community to be more careful,', but... whatever.

-ERD50

[REWahoo]

Quote:

Originally Posted by Ronnieboy Wasn't there a "how to get the bunny to post again" thread? Who had -Mac virus and shoutout by ERD50?

Here ya go - although rather than contest winner this might fit better I under the category of "self-fulfilling prophesy"...

Quote:

Originally Posted by ERD50 He ain't coming back. Not until some wide spread malware takes all the Apple/Mac/OSX computers hostage...

[Moemg]

Hi CFB ! Nice to see you back briefly . Glad all is well and Gabe is doing great .

[deserat]

CFB!!!! Still in CA? Hopefully you've diversified to save yourself from the onslaught of CA taxes coming ;-) Glad to hear Gabe is well and thriving.....

[Moemg]

The most amazing thing about the CFB posting is his ignore poster list must have expired so he could finally see a post to respond to !

[Koolau]

Quote:

Originally Posted by Moemg The most amazing thing about the CFB posting is his ignore poster list must have expired so he could finally see a post to respond to !

I just figured CFB had hit the "ignore all" button.

Seriously, good to hear from the bunny. Glad he's at least checking up on us from time to time.

[Bestwifeever]

Maybe a little snapshot of Gabe the next time you peek out of the rabbit hole, CFB?

[Darryl]

CFB, great to hear from you. Glad all is going well!

[M Paquette]

Apple has released Security Update 2011-003 which adds blocking of the MacDefender trojan app variations.

About Security Update 2011-003

The update can be automatically found and installed using the Software Update... item from the Apple menu, or can be downloaded and manually installed from the above link.

The installation process will also search for and remove known variants of the MacDefender trojan.

[eytonxav]

M Paq,

Thanks for all the info you provided. Both my kids have MacBooks so passed it on to them in case they weren't aware.

[arebelspy]

Update does nothing, virus already has a workaround that defeats Apple's update.

http://apple.slashdot.org/story/11/0...3A+Slashdot%29

lol

Whichever side of the debate you're on, that's just funny.

[M Paquette]

Quote:

Originally Posted by arebelspy Update does nothing, virus already has a workaround that defeats Apple's update. New MacDefender Defeats Apple Security Update - Slashdot lol Whichever side of the debate you're on, that's just funny.

That's /.'s opinion. About as useful as a debate on 4chan.

Meanwhile, the automatic update of the safe downloads filter, new with this security update, gets a push notification, updates, and quashes the new hack.

Oh, and if you see this dialog when you weren't expecting it, click Cancel.

[ERD50]

Quote:

Originally Posted by arebelspy Update does nothing, virus already has a workaround that defeats Apple's update. New MacDefender Defeats Apple Security Update - Slashdot

I was going to comment after M Paquette posted about the update to track this. Since this is a "social engineering" malware, it will be a cat-and-mouse game if the offenders want to keep trying. Using my earlier analogy:


if a stranger knocked on your door and you gave them the keys and access code to your house, along with your vacation schedule.

So all Apple can really do is what would be called 'profiling' if we were dealing with people. Something like, 'well, the last malware was wearing a blue jacket, and black jeans, so we won't let any people dressed like that knock on your door'.

While it might not be politically correct, as some have said, 'It's hard to stop user stupidity with a technological solution.' - Oh, that was you!

Quote:

lol Whichever side of the debate you're on, that's just funny.

Umm, no. I never thought malware, viruses and such on any computer were 'funny'. In fact, I'm furious that in the early days of the internet, they didn't pounce on offenders and make it clear that there was going to be a high price to pay for sending trash to your kid's email accounts and so forth. I think it's sad, and not something that depends on being on any side of any debate, IMO.


-ERD50

[M Paquette]

Quote:

Originally Posted by ERD50 I was going to comment after M Paquette posted about the update to track this. Since this is a "social engineering" malware, it will be a cat-and-mouse game if the offenders want to keep trying.

Exactly. The exploit relies pretty heavily on people doing things that are generally considered unwise these days. Apple can do a reasonable job of making delivery difficult for Russian 'payment service company' ChronoPay, the folks who have been collecting from users scammed by Mac Defender and derivatives.

Ultimately, though, people just need to be aware that there are bad actors out there. Always use caution when opening E-mail attachments and content downloaded from the Internet. When the computer gives you a warning, pay attention.



If the Bad Guys manage to download an Evil App, the quarantine system in Mac OS X will notice the app when it tries to run. You'll get this dialog which lets you cancel launching the app. It may also offer to show the web page where the app came from, if known.

[M Paquette]

Quote:

Originally Posted by ERD50 While it might not be politically correct, as some have said, 'It's hard to stop user stupidity with a technological solution.' - Oh, that was you!

Nobody has come up with a patch yet for user fear and gullibility.

I suppose that also means Variable Universal Life and timeshare salespeople are safe for now.

[arebelspy]

Quote:

Originally Posted by M Paquette That's /.'s opinion. About as useful as a debate on 4chan.

Huh. I wasn't aware people had such a low opinion of /. Care to share why? I have no dog in this fight, I'm just curious.

And actually, if you read the comments on the link, most of them agree with you, and point out that Apple will have the "new" version fixed automatically now once the antivirus checks for it's definition update.

Quote:

Originally Posted by ERD50 Umm, no. I never thought malware, viruses and such on any computer were 'funny'. In fact, I'm furious that in the early days of the internet, they didn't pounce on offenders and make it clear that there was going to be a high price to pay for sending trash to your kid's email accounts and so forth. I think it's sad, and not something that depends on being on any side of any debate, IMO.

Fair enough. I tend to find amusement in things, rather than letting them anger me, and it's not something that depends on being on any side of any debate, IMO.

[M Paquette]

Quote:

Originally Posted by M Paquette Apple can do a reasonable job of making delivery difficult for Russian 'payment service company' ChronoPay, the folks who have been collecting from users scammed by Mac Defender and derivatives.

Followup: The head of ChronoPay, Pavel Vrublevsky, has been arrested in Russia on suspicion of hiring someone to launch a denial-of-service attack against one of his company's main competitors. The arrest is the latest in a series of high-profile actions against people and groups around the world suspected of being involved in the global cybercrime ecosystem.

https://threatpost.com/en_us/blogs/h...rrested-062511

https://threatpost.com/en_us/blogs/s...arrests-062311