Skip to comments.An AppleCare support rep talks: Mac malware is "getting worse"
Posted on 05/18/2011 10:32:28 AM PDT by Loud Mime
Over the weekend, I got an e-mail from an AppleCare support rep, who was responding to my recent reports of Mac malware being found in the wild. At least one prominent voice in the Mac community dismisses these reports as crying wolf. The view from inside an Apple call center says its for real:
I can tell you for a fact, many, many people are falling for this attack. Our call volume here at AppleCare is 4-5x higher than normal and [the overwhelming majority] of our calls are about this Mac Defender and its aliases. Many frustrated Mac users think their Mac is impervious to viruses and think this is a real warning from Apple. I really wish I could say not many people will fall for this, but in this last week, we have had nothing but Mac Defender and similar calls.
I contacted this person and arranged an interview. Ive edited our conversation to remove any details that might identify this individual or the call center location, but otherwise this is a verbatim transcript.
EB: Until this latest round of fake AV software started, what was a typical week like for you?
AC: Theres usually about 600 or so of us spread around 14 centers for CPU support. Before this started happening, we had 7-12 minutes between calls generally. Now were lucky to have any time between calls.
We started getting a trickle of calls a couple weeks ago. However, this last week over 50% of our calls have been about it. In two days last week I personally took 60 calls that referred to Mac Defender.
EB: Do you have a support database that you share for cases like this?
AC: What do you mean? As in articles for new issues were running into?
EB: Yes, there must have been a point where you noticed that a lot of people were dealing with this Mac Defender thing and that it wasnt just your calls.
AC: We have a team of people who go though all case notes and find new issues that are popping up a lot and send notices to all of AppleCare. Our notice for Mac Defender is that were not supposed to help customers remove malware from their computer.
AC: Thats about what i said when I read it. The reason for the rule, they say, is that even though Mac Defender is easy to remove, we cant set the expectation to customers that we will be able to remove all malware in the future. Thats what antivirus is for.
More at the source.
How’s Mac’s security software? Can you use AVG in their pc and notebooks?
It sounds like it. At the same time, we haven’t seen a single incident here, and we’ve quite a few macs, professionally speaking.
I think I recall someone posting here a while back a quote from a hacker along the lines that Apple was safe for a long time only because of an unwritten code among hackers they don’t go after machines they use and also, Apple wasn’t part of enough infrastructure (Banks, Industry, etc) to make it worth it. The more prolific it becomes, the bigger of a target it becomes- especially as more and more companies are using Macs.
Could you put this in English for me?? I have a mac , but do not understand what you are saying at all.. help an old lady mac user
The biggest hole in security always has been and always will be the user. Doesn’t matter how secure the OS is if the user is willing to click yes on every popup and provide the necessary credentials the machine will become a pit of malware.
Basically, don’t believe anyone who tells you that Macs are safe from Viruses or Malware. Always have anti-virus and anti-Malware software installed and running.
MAc users get a dose of the real world......
A victim of their own success.
I would point out that this is NOT a virus.
You have to deliberately download it.
You have to deliberately allow the installer to run.
It doesn’t propagate itself to other machines.
That’s not to say that it’s harmless.
There’s a trojan out there called Mac Defender, it says it’s anti-spyware, it looks like it comes from Apple, if you say yes to install it bad things will happen.
I went and read the articles ... In the one article it noted that Google Chrome downloaded it automatically where fire fox asked if you wanted to down load.. I have been using chrome ..even as I type.. I am thinking I need to go back to Safari
If you live out in the sticks in a farmhouse, miles from your nearest neighbor, you can leave your door unlocked.
Just don’t believe that a farmhouse is more secure than a townhouse just because nobody has ever broken in.
There's some new trojan program that is hitting Macs if you are gullible enough to download it. Here's a link that explains matters.
Based on what I could glean from the article,
There is a virus called MacDefender which displays a screen saying that the Apple Software has detected a virus, and do you want the system to fix/remove it?
When you give it permission, it then plays nasty with your computer.
The AppleCare rep is saying that Apple Software DOES NOT come up and say it found a virus and will fix it for you, so if you see that, you know you are infected and need to get some REAL antivirus software to fix it.
If you are browsing somewhere, and get a message that your computer is infected and that all you need to do is click here and get cleaned....
DON’T BELIEVE IT.
It is NOT a virus, it does not propagate itself.
ONe has to download it and allow the system to install it.
“Just dont believe that a farmhouse is more secure than a townhouse just because nobody has ever broken in.”
(spoken in a slight monotone and dry voice)
You, my friend, have never lived in a farmhouse, have you? :^)
As the market fragments, Apple users can expect to be targeted more.
The irony, of course, is that this particular malware masquerades as an anti-virus application. It only works on people who are worried about viruses.
I had a recent virus infect my Desktop PC. I was using windows defender and the germ went right past that ‘protection’
Somebody told me that if I had hit the ‘reset’ button immediately, the computer would not have been infected.
Does anybody know if that is true?
Anyway, I’m back to using ESET NOD32 on my system. I’ve never had a problem with it.
Good point. RnMomof7, don’t click any link to download anti-virus software. Buy it on your own, understand what it looks like and what its messages say and don’t click anything that looks like that.
They were probably wrong. Most of the really nasty viruses that hit windows are aiming at system files that are in use when you’re using it, they queue to overwrite on reboot so if you do so they’re fully embedded. If you think you’re nailed on windows you need to start running scans immediately and don’t reboot until you’re clean. Basically the opposite of how you fix every other windows problem.
Apple has a very good product, but the fact is that for the longest time the Mac was not the OS ‘of choice’ for the majority of the world. As a result, hackers and virus makers simply ignored it. Now, due in large part to Apple’s dominance over the mobile device market (iPhone, iPad, et al), Apple has taken a huge step into the forefront, which has now attracted the attention of those previously uncaring hackers. Apple needs to stay ahead of them and reinforce their systems, and not just believe their systems are impervious. Otherwise, they’ll be playing catchup like Microsoft for the rest of time.
Hackers have created a virus to infect iPods that have been hacked to run Linux, a number that might run to the high three figures globally. Security by obscurity simply doesn't fly.
The “real world” is windows lepers have spent twenty years pointing at the mac users cold sore and shrieking “SEE!”
From page 2 of the article;
“EB: So customers who get hit by this are installing it and giving their admin password?
EB: if they stop before that, nothing bad happens?
AC: Yes, the file will download but for it to install it requres the password. it tries to trick you into giving it by saying its required to remove the infections.
EB: Ah yes, social engineering.
AC: Indeed, looks rather real, if you ignore the fact it pops up in your browser but for most of us that know computers thats a giveaway there.”
Don’t give out your password!
LOL.. Leper vs cold sore....love it!
I was writing of virusmakers - - I understand the difference between trojans and viruses.
But, like the Obama/Osama thing, mistakes are made. Take it easy.
FREE Sophos Anti-Virus for Mac Home Edition
“Sophos Anti-Virus for Mac Home Edition is available to download at no charge, with no time limit, and requiring no registration, protecting home Mac users against all known malware, including both Mac and Windows-specific threats such as Trojan horses, viruses, worms and spyware. Based on Sophos’s flagship security software, currently protecting over 100 million business users worldwide, Sophos Anti-Virus Home Edition for Mac was released in response to growing concern about Mac malware.”
That’s what I was thinking from the article. It calls itself anti-virus software, but you have to actively download it.
A while back, I got Sophos for my iMac. Sophos is the company that provides anti-virus protection for Mac servers and businesses. They offered a free program that would protect regular Macs. For browser, I use Safari and Firefox, and Chrome on occasion. I haven’t had any problems at all since I’ve installed it.
I saw the Mac Defender pop up once, but since I’m already protected, I just deleted it.
Here are two articles, one from CNET and one from Cult of Mac. They can give you more information about it.
Thanx for the heads up!
Have not run into this issue yet with my new MacBook Pro. Thanks very much for your advance warning of a potential problem.
Where was I dishonest?
So true. My son told me about a virus that came in when a lowely employee brought in a floppy from home to work on during break.
The resulting chaos cost tens of thousands in damage
In this case, it's malware makers, as the user has to PROACTIVELY give these programs elevated access to the system in order to be installed. Unlike the PC world, your mac is not going to get infected with a virus if you hook it up to the internet out of the box*
* prior to downloading the patches since the OS was installed and the time of purchase.
Oh! The huge manatee!
We’re about to purchase a MacBook Pro. We’ve never owned a Mac. How would we go about installing the Sophos?
Have you owned your MacBookPro for very long? Do you like? Love it? Andy Pros/Cons/suggestion?
You don't need any kind of anti-virus software. It's a waste of money and system resources.
You can very comfortably assume complete immunity from malware provided you only give your system password to programs you know and want to install.
No, you aren't technically immune to malware with a Mac, but all these windows geeks are telling you to get what amounts to “lightning bolt insurance” to justify they've been flying cheap-a$$ windows kites in the rain.
For the longest time Apple computers have been relatively safe from this kind of thing simply because the return on investment for a hacker developing an Apple virus/Trojan/malware was just not as good as one for Windows. Now there’s so many Macs that they’re worth attacking and they’re also worth attacking because so many Apple users are utterly oblivious to security issues.
Add to this the fact that Apple users tend to be liberal, urban snobs who almost uniformly sneer at PC users as troglodytes and I find myself with precious little sympathy for them.
As I mentioned to Waryone a moment ago, we will be purchasing our first Mac (MacBook Pro) today (hopefully. was supposed to purchase it days ago, but ran into a snag).
Should we install Sophos? Do you use your Mac for business? I’m trying to compile a list of Freepers who may be able to help if we run into any problems. We live between Nomansland and Nowhere. No such thing as One To One here.
Thanks for your help.
I believe all browsers give you the option of whether or not to automatically open downloaded files....simply choose to not automatically open them. However, I believe most browsers set the default to automatically open the files, so you need to check your “Options” and verify.