Mac Defender virus
Home page > Hot Topics > Mac Defender virus
6 June 2011
Apple issues Mac Defender patch... for Snow Leopard onlyApple has quickly issued an update to block the Mac Defender malware targeting its users - but only for those on the latest OS. The Mac Defender virus that has plagued Apple since the beginning of May recently mutated into a more dangerous strain, according to security firm Intego. Several variations of the fake antivirus malware have appeared since Mac Defender first emerged, but Intego claims the latest is more of a threat because it no longer needs an admin password for installation. “Unlike the previous variants of this fake antivirus, no administrator’s password is  required to install this program,” the company said on its blog. “Since any user with an administrator’s account – the default if there is just one user on a Mac – can install software in the Applications folder, a password is not needed," the post said. “This package installs an application – the downloader – named avRunner, which then launches automatically. At the same time, the installation package deletes itself from the user’s Mac, so no traces of the original installer are left behind.” Intego said it was grading the issue as a medium-level threat, partly because the widespread attention to the virus had led to SEO poisoning, with malware sites appearing high in search results. Last week, Apple came under fire for taking too long to acknowledge the threat of the fake antivirus, which specifically targets Mac users, and for not offering support to its customers. Apple has now offered a security update fixing the problem. "If Mac Defender malware is found, the system will quit this malware, delete any persistent files, and correct any modifications made to configuration or login files," the company said in a security advisory. Sophos security researcher Chester Wisniewski said the update was "a good reaction from Apple in a short amount of time," but warned that the update only applies to the most recent version of OS X, Snow Leopard, "so older Mac users are left unprotected," he said. About three in ten Mac users are running older versions of the OS, according to stats from Net Applications.
|