Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mac Malware Evolves - No Install Password Required

Posted by samzenpus on from the under-the-wire dept.

An anonymous reader writes "The latest versions of the Mac Defender malware attacks no longer require users to enter their admin credentials (username and password) upon install. A threat called 'Mac Guard' installs itself into areas of the Mac OS X system that only require standard user privilege. On Windows the criminals did this to avoid UAC warnings, and have copied this trick to their Mac OS X releases."

2 of 374 comments (clear)

  1. Re:No surprises here by gad_zuki! · · Score: 5, Insightful

    How about the comments in the last article from the fanboys screaming "BUT THEY NEED TO PUT IN THEIR PASSWORD UNLIKE SHITTY WINDOWS" and then modded up to +5 insightful.

    Welcome to the new reality. I think they'll find that userland rights on any modern OS are pretty lenient and will allow for a great deal of scammy malware activities. Malware doesnt need to run in any system directory or open any low ports or anything.

    Now is probably a good time to invest in OSX AV products.

  2. Re:No surprises here by gad_zuki! · · Score: 5, Insightful

    That's a little like saying "Oh just run noscript or make disable the java plugin" in the Windows world. Most end user have no clue what "safe files" are or what any of what you wrote means.

    Not to mention, any web based exploit can install this malware now. It runs purely in userland. Java exploits, flash exploits, browser exploits, etc open the gate for this malware. Today its the safe files in Safari, tomorrow its one of dozens of Java exploits.

    Its simply easier for end users to do updates and buy an AV than to dick around with settings they don't remotely understand. To Apple's benefit they're usually good about software updates and also update Java (at least for now).