*Warning

(for adventurous eaters only)


Orbital Defender (raincoven, Temapavloff) Mac OS

broken image


The Mac Defender Trojan Horse phishing scam was back in the news this week. Twice.

First, a more virulent variation of the malware was detected. In this latest iteration, the phony program is named MacGuard. The new wrinkle is that it doesn't require an administrator's password to install. This means that any user on a Mac has the authority to install the malware. Of course, unless said user also had a credit card number to offer, this does not significantly alter the risk.

Apple's latest efforts to keep the likes of Mac Defender away from systems running Mac OS X have already been thwarted by a new variant of the malware dubbed ‘Mdinstall.pkg’, according. Mac OS X Snow Leopard (version 10.6) is the seventh major release of macOS, Apple's desktop and server operating system for Macintosh computers. Snow Leopard was publicly unveiled on June 8, 2009 at Apple's Worldwide Developers Conference.On August 28, 2009, it was released worldwide, and was made available for purchase from Apple's website and retail stores at the price of US$29 for a. Mac Defender is a fake rogue anti-spyware program that for the Mac OS operating system. This infection is spread through the use of advertisements on web sites that pretend to be fake online.

Second, a new Apple support article revealed that Apple is working on an update to Mac OS X (presumably 10.6.8) that will 'automatically find and remove Mac Defender malware and its known variants. The update will also help protect users by providing an explicit warning if they download this malware.'

Orbital Defender (raincoven Temapavloff) Mac Os -

The support article went on to offer recommendations on how to remove the malware if you inadvertently fall victim to this scam prior to the release of 10.6.8.

Meanwhile, a prior report (unconfirmed by Apple) cited an internal Apple memo advising AppleCare employees not to 'confirm or deny whether the customer's Mac is infected (by the malware) or not.' Not surprisingly, critics jumped all over this. For example, Infoworld's Robert X. Cringely lamented that this was yet another example of Apple being 'arrogant beyond belief and helpful only when forced into a corner.'

My view is more benign. While I wish Apple had been more helpful out-of-the-gate, I can understand Apple's reluctance to offer advice over the phone—potentially leading to making a bad situation worse if instructions are not correctly followed—before Apple fully understood what they were dealing with. In a worst case scenario, I could see Apple exposed to a lawsuit, with users seeking to recover damages incurred by Apple's supposed 'bad' advice. Regardless, Apple has apparently concluded its investigation and has responded in an appropriate manner.

How will Apple's update work?

Orbital defender (raincoven temapavloff) mac os -

I was especially intrigued by the promised specificity of Apple's upcoming fix. It is one of the very few times that Apple has included code in Mac OS X that is targeted at a specific security threat. In fact, the only other targeting (of which I am aware) is the XProtect.plist file of malware definitions included in Mac OS X 10.6. The protection offered here remains limited. Back in 2009, the file included only two definitions: one each for RSPlug.A and iService. As of the current Mac OS X 10.6.7, the file has added definitions to protect against two further attacks: HellRTS and OpinionSpy.

Even in cases where the XProtect.plist file is of value, the protection is only against installing the software. Cannon arena mac os. The feature offers no way to remove malware after it has been installed. This is in apparent contrast to the upcoming Mac OS X update, which promises to 'find and remove Mac Defender.' It will be interesting to see exactly how Mac OS X 10.6.8 implements this removal. Will it work via the XProtect.plist file or via some other mechanism?

Orbital Defender (raincoven Temapavloff) Mac Os Download

This also has me wondering about Apple's plans for the future. Is this response to Mac Defender a limited deal for Apple? Or does it now plan to regularly update Mac OS X to cope with the latest malware and virus attacks? My guess is that Apple will assess each threat on a case-by-case basis. Don't expect an identical response from Apple to all future attacks.

The larger view

Orbital Defender (raincoven Temapavloff) Mac Os Free

Overall, similar to what Rich Mogull argued here at Macworld, I consider Mac Defender to be a rather low risk threat. Most users will never confront any Mac Defender variant. And those that do will still need to be 'tricked' by the software before they are in any real danger. At the same time (as I covered in a previous Bugs & Fixes column), you should remain suspicious of any and all unsolicited requests to install software or provide confidential information. This is not difficult to do and it doesn't require any third-party software (such as Intego's VirusBarrier). Being appropriately vigilant while recognizing that the risk of an 'infection' is small are not inconsistent or mutually exclusive propositions.





broken image
PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save