Slashdot Mirror


Mac Malware Evolves - No Install Password Required

An anonymous reader writes "The latest versions of the Mac Defender malware attacks no longer require users to enter their admin credentials (username and password) upon install. A threat called 'Mac Guard' installs itself into areas of the Mac OS X system that only require standard user privilege. On Windows the criminals did this to avoid UAC warnings, and have copied this trick to their Mac OS X releases."

6 of 374 comments

  1. I am safe. by Anonymous Coward · · Score: 5, Funny

    My PC can't get Mac malware.

  2. Re:PEBKAC by Anonymous Coward · · Score: 5, Funny

    Comments like that make me think you are not participating in the two minute hate.

    Just embrace the hate of Apple and join the group think.

  3. Re:No surprises here by Low Ranked Craig · · Score: 5, Interesting

    Follow up. I find it interesting that they gloss over the fact that to completely avoid this all you need to do is turn off download safe files in Safari, and/or not be stupid. Their solution is to purchase their anti-malware package for Mac. Question for samzenpus, how much did these guys pay you to post this?

    --
    I still cannot find the droids I am looking for...
  4. Good News for the App Store by vwjeff · · Score: 5, Interesting

    This just gives Apple one more reason to force all application installs via the app store in future versions of the OS. The other reason of course is money.

  5. Re:No surprises here by gad_zuki! · · Score: 5, Insightful

    How about the comments in the last article from the fanboys screaming "BUT THEY NEED TO PUT IN THEIR PASSWORD UNLIKE SHITTY WINDOWS" and then modded up to +5 insightful.

    Welcome to the new reality. I think they'll find that userland rights on any modern OS are pretty lenient and will allow for a great deal of scammy malware activities. Malware doesn't need to run in any system directory or open any low ports or anything.

    Now is probably a good time to invest in OSX AV products.

  6. Re:No surprises here by gad_zuki! · · Score: 5, Insightful

    That's a little like saying "Oh just run noscript or disable the Java plugin" in the Windows world. Most end users have no clue what "safe files" are or what any of what you wrote means.

    Not to mention, any web-based exploit can install this malware now. It runs purely in userland. Java exploits, Flash exploits, browser exploits, etc. open the gate for this malware. Today it's the safe files in Safari, tomorrow it's one of dozens of Java exploits.

    It's simply easier for end users to do updates and buy an AV than to dick around with settings they don't remotely understand. To Apple's benefit they're usually good about software updates and also update Java (at least for now).