Posted on 05/18/2011 10:32:28 AM PDT by Loud Mime
Over the weekend, I got an e-mail from an AppleCare support rep, who was responding to my recent reports of Mac malware being found in the wild. At least one prominent voice in the Mac community dismisses these reports as crying wolf. The view from inside an Apple call center says it's for real:
I can tell you for a fact, many, many people are falling for this attack. Our call volume here at AppleCare is 4-5x higher than normal and [the overwhelming majority] of our calls are about this Mac Defender and its aliases. Many frustrated Mac users think their Mac is impervious to viruses and think this is a real warning from Apple. I really wish I could say not many people will fall for this, but in this last week, we have had nothing but Mac Defender and similar calls.
I contacted this person and arranged an interview. I've edited our conversation to remove any details that might identify this individual or the call center location, but otherwise this is a verbatim transcript.
EB: Until this latest round of fake AV software started, what was a typical week like for you?
AC: There's usually about 600 or so of us spread around 14 centers for CPU support. Before this started happening, we had 7-12 minutes between calls generally. Now we're lucky to have any time between calls.
We started getting a trickle of calls a couple weeks ago. However, this last week over 50% of our calls have been about it. In two days last week I personally took 60 calls that referred to Mac Defender.
EB: Do you have a support database that you share for cases like this?
AC: What do you mean? As in articles for new issues we're running into?
EB: Yes, there must have been a point where you noticed that a lot of people were dealing with this Mac Defender thing and that it wasn't just your calls.
AC: We have a team of people who go through all case notes and find new issues that are popping up a lot and send notices to all of AppleCare. Our notice for Mac Defender is that we're not supposed to help customers remove malware from their computer.
EB: Wow.
AC: That's about what I said when I read it. The reason for the rule, they say, is that even though Mac Defender is easy to remove, we can't set the expectation to customers that we will be able to remove all malware in the future. That's what antivirus is for.
More at the source.
It is NOT a virus, it does not propagate itself.
One has to download it and allow the system to install it.
“Just don't believe that a farmhouse is more secure than a townhouse just because nobody has ever broken in.”
(spoken in a slight monotone and dry voice)
You, my friend, have never lived in a farmhouse, have you? :^)
As the market fragments, Apple users can expect to be targeted more.
The irony, of course, is that this particular malware masquerades as an anti-virus application. It only works on people who are worried about viruses.
I had a recent virus infect my Desktop PC. I was using Windows Defender and the germ went right past that ‘protection’.
Somebody told me that if I had hit the ‘reset’ button immediately, the computer would not have been infected.
Does anybody know if that is true?
Anyway, I’m back to using ESET NOD32 on my system. I’ve never had a problem with it.
Good point. RnMomof7, don’t click any link to download anti-virus software. Buy it on your own, understand what it looks like and what its messages say and don’t click anything that looks like that.
They were probably wrong. Most of the really nasty viruses that hit Windows are aiming at system files that are in use when you’re using it; they queue to overwrite on reboot, so if you do so they’re fully embedded. If you think you’re nailed on Windows you need to start running scans immediately and don’t reboot until you’re clean. Basically the opposite of how you fix every other Windows problem.
Apple has a very good product, but the fact is that for the longest time the Mac was not the OS ‘of choice’ for the majority of the world. As a result, hackers and virus makers simply ignored it. Now, due in large part to Apple’s dominance over the mobile device market (iPhone, iPad, et al), Apple has taken a huge step into the forefront, which has now attracted the attention of those previously uncaring hackers. Apple needs to stay ahead of them and reinforce their systems, and not just believe their systems are impervious. Otherwise, they’ll be playing catchup like Microsoft for the rest of time.
Hackers have created a virus to infect iPods that have been hacked to run Linux, a number that might run to the high three figures globally. Security by obscurity simply doesn't fly.
The “real world” is Windows lepers have spent twenty years pointing at the Mac user's cold sore and shrieking “SEE!”
From page 2 of the article;
“EB: So customers who get hit by this are installing it and giving their admin password?
AC: Yes.
EB: If they stop before that, nothing bad happens?
AC: Yes, the file will download but for it to install it requires the password. It tries to trick you into giving it by saying it's required to remove the infections.
EB: Ah yes, social engineering.
AC: Indeed, looks rather real, if you ignore the fact it pops up in your browser, but for most of us that know computers that's a giveaway there.”
Don’t give out your password!
LOL.. Leper vs cold sore....love it!
I was writing of virusmakers - - I understand the difference between trojans and viruses.
But, like the Obama/Osama thing, mistakes are made. Take it easy.
FREE Sophos Anti-Virus for Mac Home Edition
http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx
“Sophos Anti-Virus for Mac Home Edition is available to download at no charge, with no time limit, and requiring no registration, protecting home Mac users against all known malware, including both Mac and Windows-specific threats such as Trojan horses, viruses, worms and spyware. Based on Sophos’s flagship security software, currently protecting over 100 million business users worldwide, Sophos Anti-Virus Home Edition for Mac was released in response to growing concern about Mac malware.”
That’s what I was thinking from the article. It calls itself anti-virus software, but you have to actively download it.
A while back, I got Sophos for my iMac. Sophos is the company that provides anti-virus protection for Mac servers and businesses. They offered a free program that would protect regular Macs. For browser, I use Safari and Firefox, and Chrome on occasion. I haven’t had any problems at all since I’ve installed it.
I saw the Mac Defender pop up once, but since I’m already protected, I just deleted it.
Here are two articles, one from CNET and one from Cult of Mac. They can give you more information about it.
http://reviews.cnet.com/8301-13727_7-20022243-263.html
http://www.cultofmac.com/sophos-anti-virus-for-mac-review/68681