Free Republic

Mac malware scam grows legs – MacGuard needs no password
Silicon Republic ^ | 27 May 2011 | John Kennedy

Posted on 05/27/2011 7:14:04 AM PDT by for-q-clinton

The once relatively virus-free Apple Mac ecosystem has been tainted forever by a nasty malware scam and you sense an age of innocence has ended. It’s a deadly shock to that ecosystem because now a second variant bug has arrived that requires no password.

The malware first manifested itself when Mac users noticed ads for a product called Mac Defender that promised to protect them against malware and viruses. However, it turned out Mac Defender was actually a piece of malware that becomes active on a desktop after a user is suckered into entering a password, and floods the screen with pop-up pornography sites.

Since then a number of variants – MacGuard, MacSecurity and MacProtector – have arrived.

According to security firm Intego, the goal of this fake antivirus software is to trick users into providing their credit card numbers to supposedly clean out infected files on their Macs.

New variant requires no passwords

Intego has discovered a new variant of this malware that functions slightly differently. It comes in two parts.

The first part is a downloader, a tool that, after installation, downloads a payload from a web server. As with the Mac Defender malware variants, this installation package, called avSetup.pkg, is downloaded automatically when a user visits a specially crafted website.

If Safari's "Open ‘safe’ files after downloading" option is checked, the package will open Apple's Installer, and the user will see a standard installation screen.

If not, users may see the downloaded ZIP archive and double-click it out of curiosity, not remembering what they downloaded, then double-click the installation package. In either case, the Mac OS X Installer will launch.

“Unlike the previous variants of this fake antivirus, no administrator's password is required to install this programme. Since any user can install software in the Applications folder, a password is not needed,” Intego said in a warning note.

“This package installs an application - the downloader - named avRunner, which then launches automatically. At the same time, the installation package deletes itself from the user's Mac, so no traces of the original installer are left behind.”

The second part of the malware is a new version of the MacDefender application called MacGuard. This is downloaded by the avRunner application from an IP address that is hidden in an image file in the avRunner application's Resources folder. (The IP address is hidden using a simple form of steganography.) Intego VirusBarrier X6’s Anti-Spyware feature detects this operation:

“Intego considers the risk for this new variant to be medium, in part because the SEO poisoning has been very efficient in leading Mac users to booby-trapped pages, but also because no password is required to install this variant.”


TOPICS: Crime/Corruption; Miscellaneous; News/Current Events; Technical
KEYWORDS: apple; garbage; osx; virus
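
The article above names the pieces of this variant (the avSetup.pkg installer, the avRunner downloader, the MacGuard payload) and the Safari option that opens the package automatically. A triage check built on those names follows as an added example; it is not part of the original article or Intego's tooling, and the `.app` bundle spellings and the folders searched are assumptions:

```sh
#!/bin/sh
# Added triage sketch; not Intego's or Apple's tooling.
# Names are the ones in the article; the "<name>.app" spelling is an assumption.
FAKE_AV_NAMES="avRunner MacGuard MacDefender MacSecurity MacProtector"

# Print app bundles directly inside DIR whose name matches the list
# (case-insensitive). No password is needed to write to Applications,
# so the caller checks the system-wide and the per-user folder.
find_fake_av() {
    [ -d "$1" ] || return 0
    for name in $FAKE_AV_NAMES; do
        find "$1" -maxdepth 1 -iname "$name.app" -print
    done
    return 0
}

# Print a leftover installer package in DIR. The article says the package
# deletes itself after installing, so an empty result proves nothing.
find_dropper() {
    [ -d "$1" ] || return 0
    find "$1" -maxdepth 1 -iname 'avSetup.pkg' -print
    return 0
}

# Echo on / off / unknown for Safari's "Open 'safe' files after downloading".
# "unknown" means the key is unset or unreadable, or this is not a Mac.
safari_auto_open() {
    command -v defaults >/dev/null 2>&1 || { echo unknown; return 0; }
    case $(defaults read com.apple.Safari AutoOpenSafeDownloads 2>/dev/null) in
        1) echo on ;;
        0) echo off ;;
        *) echo unknown ;;
    esac
}

# Run all three checks for the current user.
triage() {
    home=${HOME:-/}
    echo "Safari auto-open of 'safe' downloads: $(safari_auto_open)"
    for d in /Applications "$home/Applications"; do
        find_fake_av "$d"
    done
    find_dropper "$home/Downloads"
}

triage
```

The Safari option can be switched off in the General tab of Safari's preferences, or with `defaults write com.apple.Safari AutoOpenSafeDownloads -bool false`.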
To: dayglored
No, it's not a virus, it's another social engineering trojan.

So, it's not a virus, but just a trojan.

If a real virus infected a person, that person might be "out of commission" for a few days or weeks or months, or could even die. If that person were to suffer a blow to the head, he could just as easily be out of commission for a few weeks or months or even die. Trojan vs virus. Take your pick. Which one is more disturbing when you just want to use your computer without any annoyances?

And then, you bring up the point that, Apple will fix the problem with a "free security update"? Wow, that sounds so generous of them. When is the last time that Microsoft issued a security update and charged anyone for it? You make it sound like people will be getting something for nothing, and that Apple, through its generous heart, is taking care of its customers. They only responded to the problem after the problem became "viral" on the internet and in the regular news, otherwise, they were willing to ignore the problem.

Give me a break!
61 posted on 05/27/2011 9:35:54 AM PDT by adorno
[ Post Reply | Private Reply | To 24 | View Replies]

To: napscoordinator

P.S. You can disagree. I didn’t form my reply very intelligently.

I understand your disagreement with my original statement.

Consider yourself not a part of the ‘general public’, then see if you disagree with that statement.


62 posted on 05/27/2011 9:37:47 AM PDT by UCANSEE2 (Lame and ill-informed post)
[ Post Reply | Private Reply | To 56 | View Replies]

To: UCANSEE2

Adding general public, I agree 100 percent.


63 posted on 05/27/2011 9:39:30 AM PDT by napscoordinator
[ Post Reply | Private Reply | To 62 | View Replies]

To: HereInTheHeartland

Hopefully working at the Naval Academy. It has been a dream of mine.....not teach but working in one of the departments. We shall see how that works out. Thank you.


64 posted on 05/27/2011 9:40:56 AM PDT by napscoordinator
[ Post Reply | Private Reply | To 60 | View Replies]

To: adorno; dayglored

IIRC, Apple doesn’t provide AV service in their operating system. That is what brought attention to this bug, because it tried to pretend to be the OS and say it had to ‘fix’ a virus.

Since their OS doesn’t EVER do that, it became obvious.
Apple has stated that it is up to AV software to do that.

They are making an exception, because of the nature of this particular virus, and I am sure because of the PR problem.

So... be hard on them if you wish, but they do not have a policy of providing security updates, as Windows has had, and has found necessary to have.

Just like to see all the FACTS laid out on the table during a debate.


65 posted on 05/27/2011 9:44:16 AM PDT by UCANSEE2 (Lame and ill-informed post)
[ Post Reply | Private Reply | To 61 | View Replies]

To: BigSkyFreeper

It does not take MS a few months to update its anti-virus signatures. This isn’t a patch Apple is releasing; it’s an anti-virus/malware definition.


66 posted on 05/27/2011 9:45:34 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 34 | View Replies]

To: LearnsFromMistakes
And now Apple is gonna come out with a fix to help with a malware attack - that is way cool.

Wow, you must love Microsoft then. They have a full-featured AV scanner for free and they update quicker than Apple does. Plus you can get FREE phone support if you have a virus/malware on your machine.

67 posted on 05/27/2011 9:49:07 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 39 | View Replies]

To: Keith in Iowa

I posted this initial thread. I’m not bashing Apple products. They are pretty good products...overpriced but good hardware. Even their OS is solid now, but what I can’t stand is the macbots lying to everyone about how secure their OS is and how windows is garbage. Selling fake security is downright evil...it’s no different than selling snake oil to cure cancer. They are preying on the weak. They are the next Robert Tilton selling salvation to those who will send him enough money.


68 posted on 05/27/2011 9:53:42 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 50 | View Replies]

To: UCANSEE2

There are two types of people in the world:

1) Those who put people into groups
2) Those who do not put people into groups

Which group are you in?


69 posted on 05/27/2011 9:59:10 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 62 | View Replies]

To: for-q-clinton
FREE phone support if you have a virus/malware on your machine.

That is good to know. I have tried to chase down a couple of malware issues on friends' computers, and have hated every minute of it. Would have loved to have had a clue...We still use XP at work, and I was fighting a losing battle in Win 7...or Vista...who knows...did I mention I hated every minute of it?

70 posted on 05/27/2011 10:16:02 AM PDT by LearnsFromMistakes (How many failed apocalypse predictions is Harold Camping away from getting his Nobel Prize?)
[ Post Reply | Private Reply | To 67 | View Replies]

To: LearnsFromMistakes

You should try hitman pro.


71 posted on 05/27/2011 10:19:42 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 70 | View Replies]

To: for-q-clinton; ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; ...
ANOTHER MacDefender Thread—PING!

Please, No Flame Wars, Discuss technical issues, software, and hardware.
Don't attack people!

Don't respond to the Anti-Apple Thread Trolls!
PLEASE IGNORE THEM!!!


Apple ANOTHER MacDefender Thread Ping!

If you want on or off the Mac Ping List, Freepmail me.

72 posted on 05/27/2011 10:52:14 AM PDT by Swordmaker (This tag line is a Microsoft product "insult" free zone.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: for-q-clinton
what I can’t stand is the macbots lying to everyone about how secure their OS is and how windows is garbage.

Forget their OS. Let's compare stock charts over the last 10 years.

MSFT = Flat Lined.

AAPL = +2800%.

What have investors discovered that escapes you?

73 posted on 05/27/2011 11:01:26 AM PDT by Glenn (iamtheresistance.org)
[ Post Reply | Private Reply | To 68 | View Replies]

To: UCANSEE2
IIRC, Apple doesn’t provide AV service in their operating system. That is what brought attention to this bug, because it tried to pretend to be the OS and say it had to ‘fix’ a virus.

Actually, they do have a built-in protection against the five known Trojan families... and this is a new one. Apple will be releasing an update that will protect against this one as soon as they have tested the protection to assure it will not break something else in the OS.

74 posted on 05/27/2011 11:10:21 AM PDT by Swordmaker (This tag line is a Microsoft product "insult" free zone.)
[ Post Reply | Private Reply | To 65 | View Replies]

To: UCANSEE2

The “FACT” is that, while they weren’t a target for malware and/or viruses, they were content to glide along as the OS which didn’t have the same problems as Microsoft, and they were able to get away with that as long as hackers and malware writers didn’t see real value in targeting the small and less significant OS share that Apple had.

Now that malware/virus writers are targeting Macs, Apple wanted to pass blame for the problems to others. But, they’ve been caught, and 10% or more of a market makes them attractive markets, and the solution that used to save Apple, namely, “security through obscurity”, isn’t valid any more.

While it’s true that Apple doesn’t provide AV software, the times have changed, and they’re going to have to provide services which they never anticipated. Microsoft learned their lessons a few years ago, and now it’s time for Apple to acknowledge the problems and be preemptive as well, or at least, reactive in a timely and responsible manner.


75 posted on 05/27/2011 11:10:51 AM PDT by adorno
[ Post Reply | Private Reply | To 65 | View Replies]

To: Glenn

AAPL stock: a bubble equivalent to the recent real-estate bubble, which burst bringing down the economy with it. It’s just a matter of time before it bursts, just like the housing market.


76 posted on 05/27/2011 11:18:39 AM PDT by adorno
[ Post Reply | Private Reply | To 73 | View Replies]

To: for-q-clinton; r9etb; VanDeKoik
And to think people paid a premium for this.

That is not why I pay a premium for Apple products.

It is curious to me that people like you are continually accusing us Apple users of the very thing you are doing, disparaging the users. You are always complaining that we Mac users are a cult, we are gay, we are Macbots, etc. We rarely, if ever, blast Windows or Linux users but you are always accusing us of that. You project yourselves onto us. Why? If you see something negative about Apple you gleefully rush here to post it. Why? Don't you consider that juvenile?

77 posted on 05/27/2011 11:41:55 AM PDT by Mind-numbed Robot (I retain the right to be inconsistent, contradictory and even flat-out wrong!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Mind-numbed Robot
Well, son, it's like this.

I've been saying for years now that Mac users will begin to see hacker problems if Apple's market share gets big enough to make it worth the trouble.

Pretty much every time I said it, I was met with derisive dismissals by Mac users, who smugly (there's no other word for it) touted Apple's imperviousness to such things.

Events are proving me right, of course -- and I'm not a good enough fellow to avoid saying, "toldja so."

78 posted on 05/27/2011 11:59:49 AM PDT by r9etb
[ Post Reply | Private Reply | To 77 | View Replies]

To: UCANSEE2
Sounds like we have similar though not identical backgrounds. These days I use Windows, Mac, Linux, NetBSD every day, all day, both at home and at work. And a number of small proprietary and/or embedded systems from time to time.... and have been doing it since my Fortran days in the early 70's...

See my FR profile:

http://www.freerepublic.com/~dayglored#Computer

79 posted on 05/27/2011 12:53:23 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 52 | View Replies]

To: r9etb

Okey doke, but before you get too smug remember this thing is of the psychological type where a user has to be tricked into installing it. It is not something that can just sneak in there without help. I don’t think Mac users ever said that Macs were impervious to that.

The new versions are supposed to be able to self-install but I think, not sure, if the user is logged on as a non-administrator the machine is still safe. We should all do that anyway.

I am always hearing you guys call us “smug”, etc., but I never see that. I guess you think simply saying “Get a Mac” when someone is talking about a PC problem is being smug. All the smugness I see is Windows users bragging about how they can build a machine that is better and faster at half the price. Sometimes Mac users point out that once apples are compared to apples (pun intended) the price difference is slight or non-existent. Since I have no desire to build a computer I simply say, “If you guys want to do that, go to it. I’ll just buy a Mac and be done with it.”


80 posted on 05/27/2011 12:56:44 PM PDT by Mind-numbed Robot (I retain the right to be inconsistent, contradictory and even flat-out wrong!)
[ Post Reply | Private Reply | To 78 | View Replies]



Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.
