Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

MAC Defender Rogue Anti-Malware Program Attacks Macs via SEO Poisoning
Intego ^ | May 2,2011

Posted on 05/02/2011 11:28:51 AM PDT by Swordmaker

Intego has discovered a rogue anti-malware program called MACDefender, which attacks Macs via SEO poisoning attacks. When a user clicks on a link after performing a search on a search engine such as Google, this takes them to a web site whose page contains JavaScript that automatically downloads a file. In this case, the file downloaded is a compressed ZIP archive, which, if a specific option in a web browser is checked (Open “safe” files after downloading in Safari, for example), will open. The file is decompressed, and the installer it contains launches presenting a user with the following screen:

If the user continues through the installation process, and enters an administrator’s password, the software will be installed.

It is important that users not continue with any unexpected installation of this type. Intego VirusBarrier X6′s malware definitions will be updated today, and Intego will be publishing a security memo when we have more information about this malware. For now, the threat is low, but users should be careful not to install software when installers open unexpectedly.

May 2, 2011Security


TOPICS: Business/Economy; Computers/Internet
KEYWORDS: apple; computers; internet; mac; osx; tech
Navigation: use the links below to view more comments.
first 1-2021-4041 next last
Of course if you haven't installed Intego's anti-virus OSX itself will warn you that you are download, installing, and attempting to run a Trojan horse program! But Intego's anti-virus program TURNS OFF that built in protection so that IT can do that job instead! WHOOPEE!
1 posted on 05/02/2011 11:28:54 AM PDT by Swordmaker
[ Post Reply | Private Reply | View Replies]

To: ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; Aliska; altair; ...
Intego's warns about Trojan for OSX —PING!

Please, No Flame Wars, Discuss technical issues, software, and hardware.
Don't attack people!

Don't respond to the Anti-Apple Thread Trolls!
 PLEASE IGNORE THEM!!!

 


Apple security semi warning Ping!

If you want on or off the Mac Ping List, Freepmail me.

2 posted on 05/02/2011 11:34:44 AM PDT by Swordmaker (This tag line is a Microsoft product "insult" free zone.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

What kind of idiot just blindly gives administrator permission to install any and all software downloaded from the ‘net, even that which you did not request or intentionally download?


3 posted on 05/02/2011 11:36:39 AM PDT by TheBattman (They exchanged the truth about God for a lie and worshiped and served the creature...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

This can’t be true! Macs never get viruses. The Mac users here continually tell us this. < /sarc>


4 posted on 05/02/2011 11:38:15 AM PDT by OrangeHoof (Washington, we Texans want a divorce!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: OrangeHoof
This can’t be true! Macs never get viruses.
I don't think it counts as a virus if you have to manually install it.
5 posted on 05/02/2011 11:44:39 AM PDT by Johnny B.
[ Post Reply | Private Reply | To 4 | View Replies]

To: TheBattman
What kind of idiot just blindly gives administrator permission to install any and all software downloaded from the ‘net, even that which you did not request or intentionally download?

PC users which have been doing it for years. But now they have switched to Mac because "Macs don't get viruses".

Now all of the PC problem children who click, download and install without reading or thinking are now Mac users who click, download and install without reading or thinking.

Welcome to the party, pal!

6 posted on 05/02/2011 11:49:36 AM PDT by Anitius Severinus Boethius
[ Post Reply | Private Reply | To 3 | View Replies]

To: TheBattman
What kind of idiot just blindly gives administrator permission to install any and all software downloaded from the ‘net, even that which you did not request or intentionally download?

PC bigots are those kind of idiots. Among other titles I held, I was a senior Windows admin over servers and desktops, directing other techs. There were a few workers who insisted on downloading crappy freeware from the net, even though it corrupted their machines. So we blocked their ability to do so. And they would work around the blocks, and re-infect their PCs, then call us for help. We were an IT shop, and these were for the most part high-up managers and supervisors who felt they were entitled to put anything on their desktop PCs. Idiots all.

7 posted on 05/02/2011 11:49:49 AM PDT by roadcat
[ Post Reply | Private Reply | To 3 | View Replies]

To: Johnny B.
I don't think it counts as a virus if you have to manually install it.

Most PC viruses require the user to click on something to install it.

8 posted on 05/02/2011 11:50:51 AM PDT by Anitius Severinus Boethius
[ Post Reply | Private Reply | To 5 | View Replies]

http://aroundthesphere.files.wordpress.com/2010/04/popcorn.jpg


9 posted on 05/02/2011 11:54:39 AM PDT by TheOldLady
[ Post Reply | Private Reply | View Replies]

To: roadcat

The problem really is that end users have acess to an admin account, or in the case of Unix, root. This should not be allowed.


10 posted on 05/02/2011 11:55:59 AM PDT by proxy_user
[ Post Reply | Private Reply | To 7 | View Replies]

To: proxy_user
The problem really is that end users have acess to an admin account, or in the case of Unix, root. This should not be allowed.

All of my Macs have a local administrator account that is never used for anything but administrative necessities. I'm the only one who has the password. I and all the rest of the family use general user accounts without admin access for all our work. The root account is disabled.

Windows is supposed to work this way too, but there are thousands of shitty Windows programs that won't install and/or run if they don't have admin access. I'm told this is less of a problem than it used to be, but I wouldn't know, having abandoned Windows forever after XP2.

11 posted on 05/02/2011 12:15:30 PM PDT by ccmay (Too much Law; not enough Order.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: OrangeHoof

Yes they can. If you proactively give something root access to be installed on your system. But only an idiot would do that. Unlike windows XP, where putting it on the Internet, you’ll get infected with something before you can download all the patches.


12 posted on 05/02/2011 12:36:52 PM PDT by SengirV
[ Post Reply | Private Reply | To 4 | View Replies]

 

13 posted on 05/02/2011 12:57:23 PM PDT by smokingfrog ( sleep with one eye open ( <o> ---)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Anitius Severinus Boethius
Most PC viruses require the user to click on something to install it.
Often, all the user has to do is plug the computer into a network, or plug in a USB drive. I worked for a company that had a testing lab with over 100 Windows-based computers, most of which were never used interactively, yet they all were infected with a virus within minutes of an infected thumb drive being plugged in to one of the computers.

This isn't a virus. It's malware that has to be manually installed, using the full-fledged software installation process. That's a huge difference from just inserting a thumb drive.

14 posted on 05/02/2011 1:01:13 PM PDT by Johnny B.
[ Post Reply | Private Reply | To 8 | View Replies]

To: Anitius Severinus Boethius
Most PC viruses require the user to click on something to install it.

To install malware on a Mac requires providing an Administrator name and password, not just "clicking on something" to install it...

15 posted on 05/02/2011 1:16:01 PM PDT by Swordmaker (This tag line is a Microsoft product "insult" free zone.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: Swordmaker

If a person allows this crap to install on their computer they should be banned from the internet forever, lol!!! The USER must do some really dumb things to get this crap installed on their machine, sheesh.


16 posted on 05/02/2011 1:20:16 PM PDT by TheStickman
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

If a person allows this crap to install on their computer they should be banned from the internet forever, lol!!! The USER must do some really dumb things to get this crap installed on their machine, sheesh.


17 posted on 05/02/2011 1:20:24 PM PDT by TheStickman
[ Post Reply | Private Reply | To 1 | View Replies]

To: Johnny B.

Yes, there are some viruses like that. But the vast majority of viruses are put on because of user error. And Mac has done a great job of attracting the worst users on the PC side.


18 posted on 05/02/2011 1:32:35 PM PDT by Anitius Severinus Boethius
[ Post Reply | Private Reply | To 14 | View Replies]

To: Anitius Severinus Boethius

Stop talking about me.


19 posted on 05/02/2011 1:34:04 PM PDT by brytlea (A tick stole my tagline....)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Swordmaker
Yep, it sure does. And those users will do it. They will see something that will “optimize” their system, they will click on it, it will ask for their Administrator credentials and they will give it.
20 posted on 05/02/2011 1:35:24 PM PDT by Anitius Severinus Boethius
[ Post Reply | Private Reply | To 15 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson