Free Republic

New Apple antivirus signatures bypassed within hours by malware authors
ZDNet ^ | May 31, 2011 | Ed Bott

Posted on 06/01/2011 8:10:35 AM PDT by Wooly

Update June 1, 6:00AM PDT: The bad guys have wasted no time. Hours after Apple released this update and the initial set of definitions, a new variation of Mac Defender is in the wild. This one has a new name, Mdinstall.pkg, and it has been specifically formulated to skate past Apple’s malware-blocking code.

The file has a date and time stamp from last night at 9:24PM Pacific time. That’s less than 8 hours after Apple’s security update was released.

On a test system using Safari with default settings, it behaved exactly as before, beginning the installation process with no password required.

As PC virus experts know, this cat-and-mouse game can go on indefinitely. Your move, Apple.

I’ve also captured a video that shows the File Quarantine feature successfully blocking an attempt to automatically install the Mac Guard malware. See below.

After a month-long Mac Defender/Mac Guard malware attack, Apple has finally released the security update it promised last week. The update takes Apple one step closer to turning an obscure security feature into something very close to full-fledged antivirus software.

(Excerpt) Read more at zdnet.com ...


TOPICS: Business/Economy; Culture/Society; News/Current Events; Technical
KEYWORDS: apple

1 posted on 06/01/2011 8:10:40 AM PDT by Wooly

To: for-q-clinton

Ping!


2 posted on 06/01/2011 8:16:00 AM PDT by TomServo

To: 2nd amendment mama

Ping!


3 posted on 06/01/2011 8:19:20 AM PDT by basil (It's time to rid the country of "gun free zones" aka "Killing Fields")

To: Wooly
Whoa...wait a minute. I need to show this to a certain family member that always condescendingly says Macs are unable to be hacked or get a virus. Next time she acts all surprised that we in Alabama order sweet tea at restaurants (apparently Texans have something against putting sugar in their tea while it is still hot, lol), I'll have to bring this up!
4 posted on 06/01/2011 8:20:25 AM PDT by sweet_diane (Adoption, the beautiful choice!)

To: Swordmaker

Ping


5 posted on 06/01/2011 8:21:59 AM PDT by Keith in Iowa (FR Class of 1998 | TV News is an oxymoron. | MSNBC = Moonbats Spouting Nothing But Crap.)

To: Wooly

You are telling me that the “perfect...unhackable....awesome” Mac is now vulnerable to malware?

No way. That’s not what I hear from (Mac Freepers covering their ears with NANANANANANANANANA I DONT HEAR YOU MACS ARE PERFECT)


6 posted on 06/01/2011 8:22:39 AM PDT by max americana (.)

To: Wooly

Man this is bad news. The malware guys must have hired the only guy in the world that knows how to attack OSX—Charlie Miller.

I remember hearing how the only way OSX lost 3 years in a row at Pwn2Own was because Charlie prestaged his attack, wanted to win the Mac over the other machines, and he was a super genius from NASA who was smarter than any chicom or Russian.

Of course the 4th year when OSX was the first to fall (again) it wasn’t Charlie who did it, but some Canadians. It looks like the other nations are catching up to us and can produce their own Charlies to hack OSX.

I wonder when the macbots will admit user education is the key because without that...no computer is safe.


7 posted on 06/01/2011 8:27:16 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

To: Wooly

Ping


8 posted on 06/01/2011 8:27:53 AM PDT by dragonblustar (Got toast?)

To: max americana

Yep, and they can get this malware without even entering the admin password! I swore there were macbots on here before saying it’s impossible to install any malware without entering the admin password.

So obviously it’s easy to trick a macbot into installing malware since they think OSX will prompt them for a password before they screw it up. Guess they were wrong.

How long until they apologize for their misinformation?


9 posted on 06/01/2011 8:29:23 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

To: max americana
Yup, now Mac users have 3 different malware programs and 0 viruses to worry about.

As opposed to the more than 100,000 such programs which run under Windows and have been a major problem for the last couple of decades.

I guess it's time to switch back to Windows. /sarc

10 posted on 06/01/2011 8:29:54 AM PDT by Johnny B.

To: Wooly
After a month-long Mac Defender/Mac Guard malware attack, Apple has finally released the security update it promised last week. The update takes Apple one step closer to turning an obscure security feature into something very close to full-fledged antivirus software.

Security Update 2011-003 includes changes to the File Quarantine feature, which beginning with Snow Leopard also includes antimalware checks. This update includes definitions for Mac Defender and its known variants, as well as an automated removal tool. It works only with the most recent version of Snow Leopard, 10.6.7. Earlier versions of OS X are apparently not included.

So let me get this straight. Apple is NOT fixing this for versions previous to Snow Leopard? WTF?! If Microsoft did that they'd be lampooned. They still release security patches for XP!

It took Apple about 1 month to release a virus definition!? WTF! I guess they do want 3rd party AV to step in and secure them from viruses/malware.

Apple is running their own AV on Snow Leopard OSX, but won't make it available to previous versions of OSX? That is awful support. Security needs to come first, Apple--fix this and make it right for all versions of OSX. At least those released in the past 4 years.

11 posted on 06/01/2011 8:35:01 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

To: Wooly
best part of the article:

•At the bottom of the Mac OS X Security page, after much chest-thumping about built-in security features: “The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, antivirus software may offer additional protection.”

•From Mac OS X 10.6 Help: “Some harmful applications exist that can cause problems for your computer. Frequently, a harmful application will try to appear as an innocent document, such as a movie or graphic file. … Run an antivirus program if you find any suspicious files or applications, or if you notice any suspicious behavior on your computer.”

•An August 2008 support document, “Safety tips for handling email attachments and content downloaded from the Internet”: “Only download and install applications from trusted sources, such as well-known application publishers, authorized resellers, or other well-known distributors. It is also advisable to use antivirus software to scan any files before installation. A selection of third-party products may be found at the Macintosh Products Guide.”

12 posted on 06/01/2011 8:39:30 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

To: for-q-clinton

These Macheads remind me of the time Freepers kept bragging about how “perfect” Malwarebytes is...

Guess what? IT’S NOT. I used to work for a well-known AV company in Los Angeles and I witnessed a TDL4 rootkit render it useless...yes, the PRO PAID VERSION of Malwarebytes.


13 posted on 06/01/2011 8:40:10 AM PDT by max americana (.)

To: ShadowAce

tech ping please.


14 posted on 06/01/2011 8:41:10 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

To: for-q-clinton; Swordmaker

Wouldn’t this be an Apple ping?


15 posted on 06/01/2011 8:43:55 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)

To: for-q-clinton

What happens if a Mac user is logged in as a Standard User, rather than an admin? I would think that there’s no way it would install without prompting the user to enter the admin user name and password.


16 posted on 06/01/2011 8:44:28 AM PDT by dfwgator

To: Wooly

Password is required for the installation of this trojan. Period.


17 posted on 06/01/2011 8:44:50 AM PDT by TheStickman

To: Wooly

Password is required for the installation of this trojan. Period.


18 posted on 06/01/2011 8:44:59 AM PDT by TheStickman

To: max americana

Yep. This is really raining on their parade. I’m not happy that OSX is getting hacked and malware attacking it, but I am glad that this should shut the idiots up. However, it won’t.

How long until they come in here saying this isn’t a real issue...it’s just stupid users installing stuff they shouldn’t. But they are the same people who attack Windows for its stupid users installing porn.exe to get free porn.

We can just replay their asinine arguments now that they finally have malware bypassing OSX security.

At least no one is coming in here saying...use Linux or Windows and you won’t have to worry about MacGuard.


19 posted on 06/01/2011 8:45:20 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

To: TheStickman

Read again. No password needed :-)

Period.


20 posted on 06/01/2011 8:45:55 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

