Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mac OS Update Detects, Kills MacDefender Scareware

Posted by timothy on from the end-of-the-beginning dept.

CWmike writes "Apple released an update for Snow Leopard on Tuesday that warns users that they've downloaded fake Mac security software and scrubs already-infected machines. Chet Wisniewski, a security researcher with Sophos, confirmed that the update alerts users when they try to download any of the bogus MacDefender antivirus software. Wisniewski had not yet tested the malware cleaning functionality of the update, but was confident that it would work. 'It's reasonably trivial to remove MacDefender,' said Wisniewski. 'It's not burying itself in the system, not compared to some of some of the crap that we see on Windows.' The update, labeled 2011-003, adds a new definition to the rudimentary antivirus detection engine embedded in Mac OS X 10.6, aka Snow Leopard, and also increases the frequency with which the operating system checks for new definitions to daily."

2 of 277 comments (clear)

  1. Re:So Mac Users should expect this? by ninetyninebottles · · Score: 5, Informative

    There have been some actual viruses in the wild for Mac, but the vulnerabilities are quickly patched, effectively preventing the viruses from spreading on any up-to-date system. http://www.scmagazineus.com/second-mac-virus-in-the-wild/article/32987/ [scmagazineus.com]

    Despite the misleading claims in the article you cite, according to F-Secure, "Inqtana.A has not been met in the wild and has internal counter that prevents it's operation after 24. February 2006. So it is unlikely that this variant would be a threat to Mac Users." It was an academic proof of concept, not an in the wild spreading virus and I've seen no reports of it in the wild. Sadly, people writing articles parrot terms like "in the wild" "zero day" and "virus" without understanding what the terminology actually means.

  2. Re:So Mac Users should expect this? by node+3 · · Score: 5, Informative

    First off (and I only make this point because you seem to be trying to make this distinction), there are absolutely NO viruses for Mac OS X. None.

    Second, there were plenty of viruses for classic Mac OS. This, however, has absolutely nothing to do with whether Mac OS X has viruses (for the rest of this post, I'm using a more broad term for virus, to include trojans and worms, and the like).

    Third, there is a small handful of malware for the Mac, including (almost exclusively) trojans. No one is claiming otherwise, not even the people you are replying to.

    Fourth, in White Hat conventions, *ALL* the systems fall. They tend to fall after certain restrictions have been removed. Macs often fall first (by mere seconds) because people want to win the Mac more than they want to win the PC.

    Even knowing this I still don't use a virus scanner at present as I simply don't see a need. That said I am not foolish enough to believe that it will remain Virus free indefinitely.

    Who is this imaginary person you think is saying that Macs will remain "virus free indefinitely"? This last line pretty much describes every single Mac user, from those that worry the Virus Armageddon is pending, and those that think they have nothing to worry about. No one claims this is a permanent state of things, just that it's how it is now, and tomorrow is another day.