Apple Malware found in the wild.....UPDATED

[Rson]

Apple Will Not Confirm or Deny Malware Infection

Macs have a reputation for being safer compared to PCs when it comes to viruses and other malware. Much of that had to do with security by obscurity, as hackers would target the much bigger pool of PCs. With the continued growth and popularity of Macs, though, it may be due time for Apple's system to be under attack.

Ed Bott, a blogger for ZDNet, posted an interview between himself and an unnamed AppleCare worker. The source said that AppleCare call centers are now getting bombarded with calls from customers who have been tricked into installing malware called Mac Defender and Apple Security, among others.

"Before this started happening, we had 7-12 minutes between calls generally. Now we’re lucky to have any time between calls," said the source. "We started getting a trickle of calls a couple weeks ago. However, this last week over 50% of our calls have been about it. In two days last week I personally took 60 calls that referred to Mac Defender."

Something that most Mac owners may not know about is that the AppleCare terms of service state that Apple does not help with malware removal.

"Our notice for Mac Defender is that we’re not supposed to help customers remove malware from their computer," the source explained. "The reason for the rule, they say, is that even though Mac Defender is easy to remove, we can’t set the expectation to customers that we will be able to remove all malware in the future. That’s what antivirus is for."

Despite the clear rules, the source said that "most" AppleCare workers still offer help in removing malware simply because the people on the other end of the line are desperate for help.

Bott also obtained an Apple internal bulletin saying that Apple employees must refrain from confirm or deny whether or not a user's Mac has been infected. Apple employees also cannot make specific recommendations on security software, but instead should direct them to the Apple Online Store or the Mac App Store for antivirus.

[RKEnnis]

Mac Defender cannot install itself or take any other steps to harm the system unless the user enters their administrator password.

IMHO, that makes Mac Defender more of a "social engineering" hack than actual malware.

Frankly, an exploit that relies on conning the user into providing their administrator password would be laughed right out of the Windows malware scene! Windows users only wish their flavors of malware were this benign.

[zennoodle]

The one thing with this malware plus the one that came after the Apple update is that it just preys upon the notion of macs not being able to get virii/spyware. Some people were dumb enough to believe it and entered in a bunch of credit card info and their administrator password and ended up with porn pics on the screen.

When in doubt, if you didn't initiate anything, cancel out of it... or use a firewall or little snitch... Macs are computers too... anything can happen.

[Hogleg 44]

Apple has issued updates for security twice now to counteract this program.

[Some Idiot]

Quote:

Originally Posted by RKEnnis

Mac Defender cannot install itself or take any other steps to harm the system unless the user enters their administrator password.

IMHO, that makes Mac Defender more of a "social engineering" hack than actual malware.

Frankly, an exploit that relies on conning the user into providing their administrator password would be laughed right out of the Windows malware scene! Windows users only wish their flavors of malware were this benign.

NewsFactor Network | New Mac Malware Variant Doesn't Need an Admin's OK

New version doesn't need admin password

[tukaniray]

Well ... though Macs aren't bothered by the Malware/virus/trojans that plaque the PC world, Macs can still pass it on. The coding of those can't read the MacOS to attack it, but it can use to transfer to a side that can be attack.

I once had my mac with windows in BootCamp ... and caught a virus on the windows side that crashed that partition.

So, I don't doubt macs receive the attacks ... they just aren't executed ... because if memory serves me right, the viruses are executable files (.exe) not (.dmg) files.

I use to work for Apple as one of their instructors few years back, I don't remember them telling us not to tell customers that they don't get viruses at all. I explain it the same way I did here. ... in a non-computer savvy person, Macs are like carriers for the virus.

-Ray-

[darktiger]

Either ways, it depends on the individual.. I use both and have not been infected/turned into a zombie/breached on my PC or mac.... and I surf a lot....

[tukaniray]

I agree, it all depends on the user. If someone is clicking every pop up and opening every email that doesn't come from someone they know ... definitely bound to have a virus attack.

-Ray-

[Rson]

Quote:

Originally Posted by tukaniray

So, I don't doubt macs receive the attacks ... they just aren't executed ... because if memory serves me right, the viruses are executable files (.exe) not (.dmg) files.

-

Viruses are in all formats from executables to spoofed websites that inject your computer with malware. It all depends on the creator of the virus and his level of skill.

[z-monster]

Quote:

Originally Posted by Rson

Despite the clear rules, the source said that "most" AppleCare workers still offer help in removing malware simply because the people on the other end of the line are desperate for help.

Mac users are desperate for help eh? How ironic! Windows users expect such atrocious acts to happen to their system thus the more it happens the more Windows users become aware of how to properly handle it in person rather than rely on customer service for help.

[Rson]

HAHAHAHA, after Apple patched the OS, a new variant is out. LOL

New Apple antivirus signatures bypassed within hours by malware authors [Update] | ZDNet

[srwatters]

That article is old, BTW (6/1). As far as I know that second variant was plugged also.

Apple Malware writers - 1, Apple - 1
PC Malware writers - 245,123, Microsoft - 2 (I'll give them two for Windows 7)

Seriously though, if you dumb enough to leave auto open downloads enabled on no matter OS you use, you deserve what you get. Better yet, just use Firefox or Chrome if you can't figure out how to turn that single option off.

In comparison, on Windows systems you don't even have to leave anything enabled to have the malware thieves attack your system. They find holes everywhere. If you really want to be safe you should browse the web ONLY from a guest account.

Of course, YMMV.

[texkam]

A Natty Narwal is a good friend.

[srwatters]

Quote:

Originally Posted by texkam

A Natty Narwal is a good friend.

I use Ubuntu 11.4 at work all the time. Mostly as a development environment to build stripped down buildroot versions for embedded applications. Personally I don't really care for the UI, but since most of my time is spent in the terminal window, it doesn't really matter.

[RKEnnis]

Quote:

Originally Posted by texkam

A Natty Narwal is a good friend.

What do you see as Ubuntu's primary advantage over OS X? Price? Security? UI?

I've tried various Linux flavors over the years, and none of them ever "stuck" for me. They are just too much work, I don't care much for the UI, and they don't easily run the commercial software I use. I like Unix in general, but I don't care for Linux on the desktop. (Note: I have NOT tried the new Ubuntu 11.04 Natty Narwal)

OS X addresses precisely the issues I have with the other Unix variants: I like the UI (personal preference admittedly), it runs photoshop and lightroom, my unix command line knowledge still applies, and it has the security advantages of Unix's rich heritage as a multi-user operating system. For me, OS X has the feel of a "Modern Unix", and I really like that.