Free Republic

New Apple antivirus signatures bypassed within hours by malware authors
ZDNet | May 31, 2011 | Ed Bott

Posted on 06/01/2011 8:10:35 AM PDT by Wooly

Update June 1, 6:00AM PDT: The bad guys have wasted no time. Hours after Apple released this update and the initial set of definitions, a new variation of Mac Defender is in the wild. This one has a new name, Mdinstall.pkg, and it has been specifically formulated to skate past Apple’s malware-blocking code.

The file has a date and time stamp from last night at 9:24PM Pacific time. That’s less than 8 hours after Apple’s security update was released.

On a test system using Safari with default settings, it behaved exactly as before, beginning the installation process with no password required.

As PC virus experts know, this cat-and-mouse game can go on indefinitely. Your move, Apple.

I’ve also captured a video that shows the File Quarantine feature successfully blocking an attempt to automatically install the Mac Guard malware. See below.

After a month-long Mac Defender/Mac Guard malware attack, Apple has finally released the security update it promised last week. The update takes Apple one step closer to turning an obscure security feature into something very close to full-fledged antivirus software.

(Excerpt) Read more at zdnet.com ...


TOPICS: Business/Economy; Culture/Society; News/Current Events; Technical
KEYWORDS: apple

1 posted on 06/01/2011 8:10:40 AM PDT by Wooly
[ Post Reply | Private Reply | View Replies]

To: for-q-clinton

Ping!


2 posted on 06/01/2011 8:16:00 AM PDT by TomServo
[ Post Reply | Private Reply | To 1 | View Replies]

To: 2nd amendment mama

Ping!


3 posted on 06/01/2011 8:19:20 AM PDT by basil (It's time to rid the country of "gun free zones" aka "Killing Fields")
[ Post Reply | Private Reply | To 1 | View Replies]

To: Wooly
Whoa...wait a minute. I need to show this to a certain family member that always condescendingly says Macs are unable to be hacked or get a virus. Next time she acts all surprised that we in Alabama order sweet tea at restaurants (apparently Texans have something against putting sugar in their tea while it is still hot, lol), I'll have to bring this up!
4 posted on 06/01/2011 8:20:25 AM PDT by sweet_diane (Adoption, the beautiful choice!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

Ping


5 posted on 06/01/2011 8:21:59 AM PDT by Keith in Iowa (FR Class of 1998 | TV News is an oxymoron. | MSNBC = Moonbats Spouting Nothing But Crap.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Wooly

You are telling me that the “perfect...un hackable....awesome” Mac is now vulnerable to Malware?

No way. That’s not what I hear from (Mac Freepers covering their ears with NANANANANANANANANA I DONT HEAR YOU MACS ARE PERFECT)


6 posted on 06/01/2011 8:22:39 AM PDT by max americana (.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Wooly

Man this is bad news. The malware guys must have hired the only guy in the world that knows how to attack OSX—Charlie Miller.

I remember hearing how the only way OSX lost 3 years in a row at pwn2own was because Charlie prestaged his attack, wanted to win the Mac over the other machines, and he was a super genius from NASA who was smarter than any chicom or Russian.

Of course the 4th year when OSX was the first to fall (again) it wasn’t Charlie who did it, but some Canadians. It looks like the other nations are catching up to us and can produce their own Charlies to hack OSX.

I wonder when the macbots will admit user education is the key because without that...no computer is safe.


7 posted on 06/01/2011 8:27:16 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Wooly

Ping


8 posted on 06/01/2011 8:27:53 AM PDT by dragonblustar (Got toast?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: max americana

Yep, and they can get this malware without even entering the admin password! I swore there were macbots on here before saying it’s impossible to install any malware without entering the admin password.

So obviously it’s easy to trick a macbot into installing malware since they think OSX will prompt them for a password before they screw it up. Guess they were wrong.

How long until they apologize for their misinformation?


9 posted on 06/01/2011 8:29:23 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 6 | View Replies]

To: max americana
Yup, now Mac users have 3 different malware programs and 0 viruses to worry about.

As opposed to the more than 100,000 such programs which run under Windows and have been a major problem for the last couple of decades.

I guess it's time to switch back to Windows. /sarc

10 posted on 06/01/2011 8:29:54 AM PDT by Johnny B.
[ Post Reply | Private Reply | To 6 | View Replies]

To: Wooly
After a month-long Mac Defender/Mac Guard malware attack, Apple has finally released the security update it promised last week. The update takes Apple one step closer to turning an obscure security feature into something very close to full-fledged antivirus software.

Security Update 2011-003 includes changes to the File Quarantine feature, which beginning with Snow Leopard also includes antimalware checks. This update includes definitions for Mac Defender and its known variants, as well as an automated removal tool. It works only with the most recent version of Snow Leopard, 10.6.7. Earlier versions of OS X are apparently not included.

So let me get this straight. Apple is NOT fixing this for versions previous to snow leopard? WTF?! If Microsoft did that they'd be lampooned. They still release security patches for XP!

It took Apple about 1 month to release a virus definition!? WTF! I guess they do want 3rd party AV to step in and secure them from viruses/malware.

Apple is running their own AV on snowleopard OSX, but won't make it available to previous versions of OSX? That is awful support. Security needs to come first Apple--fix this and make it right for all versions of OSX. At least those released in the past 4 years.

11 posted on 06/01/2011 8:35:01 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Wooly
best part of the article:

•At the bottom of the Mac OS X Security page, after much chest-thumping about built-in security features: “The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, antivirus software may offer additional protection.”

•From Mac OS X 10.6 Help: “Some harmful applications exist that can cause problems for your computer. Frequently, a harmful application will try to appear as an innocent document, such as a movie or graphic file. … Run an antivirus program if you find any suspicious files or applications, or if you notice any suspicious behavior on your computer.”

•An August 2008 support document, “Safety tips for handling email attachments and content downloaded from the Internet”: “Only download and install applications from trusted sources, such as well-known application publishers, authorized resellers, or other well-known distributors. It is also advisable to use antivirus software to scan any files before installation. A selection of third-party products may be found at the Macintosh Products Guide.”

12 posted on 06/01/2011 8:39:30 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 1 | View Replies]

To: for-q-clinton

These Macheads remind me of the time Freepers kept bragging about how “perfect” Malwarebytes is..

Guess what? IT’S NOT. I used to work for a well-known AV company in Los Angeles and I witnessed a TLD4 rootkit render it useless...yes, the PRO PAID VERSION of Malwarebytes.


13 posted on 06/01/2011 8:40:10 AM PDT by max americana (.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: ShadowAce

tech ping please.


14 posted on 06/01/2011 8:41:10 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 1 | View Replies]

To: for-q-clinton; Swordmaker

Wouldn’t this be an Apple ping?


15 posted on 06/01/2011 8:43:55 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 14 | View Replies]

To: for-q-clinton

What happens if a Mac user is logged in as a Standard User, rather than an admin? I would think that there’s no way it would install without prompting the user to enter the admin user name and password.


16 posted on 06/01/2011 8:44:28 AM PDT by dfwgator
[ Post Reply | Private Reply | To 9 | View Replies]

To: Wooly

Password is required for the installation of this trojan. Period.


17 posted on 06/01/2011 8:44:50 AM PDT by TheStickman
[ Post Reply | Private Reply | To 1 | View Replies]

To: Wooly

Password is required for the installation of this trojan. Period.


18 posted on 06/01/2011 8:44:59 AM PDT by TheStickman
[ Post Reply | Private Reply | To 1 | View Replies]

To: max americana

Yep. This is really raining on their parade. I’m not happy that OSX is getting hacked and malware attacking it, but I am glad that this should shut the idiots up. However, it won’t.

How long until they come in here saying this isn’t a real issue...it’s just stupid users installing stuff they shouldn’t. But they are the same people who attack Windows for its stupid users installing porn.exe to get free porn.

We can just replay their asinine arguments now that they finally have malware bypassing OSX security.

At least no one is coming in here saying...use Linux or Windows and you won’t have to worry about MacGuard.


19 posted on 06/01/2011 8:45:20 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 13 | View Replies]

To: TheStickman

Read again. No password needed :-)

Period.


20 posted on 06/01/2011 8:45:55 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 17 | View Replies]

To: ShadowAce

Why? I thought TechPing was for all things tech. Or does the apple ping include the entire tech ping list?


21 posted on 06/01/2011 8:46:55 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 15 | View Replies]

To: for-q-clinton

They go to Swordmaker’s threads but if it’s not his...surprise! At least I don’t have the arrogance to go to an Apple store and meet “the Genius Bar”. (cough)


22 posted on 06/01/2011 8:50:14 AM PDT by max americana (.)
[ Post Reply | Private Reply | To 19 | View Replies]

To: max americana; for-q-clinton

Perhaps it would be better if we looked at it this way.

Cars used to just have a button to start them.
Then they had keys, to keep unauthorized people from driving them.
Then they had the more complex transmission lock and steering wheel lock.

Then they had the ‘security’ system which disabled the ignition.

None of these features ever kept those cars from being stolen, by people who really wanted them. Whether they were Ford Pintos or Lamborghinis.

The ONLY thing that can keep a computer safe, is for it to have absolutely NO INPUT CHANNEL. That would then make it useless for home computing and most other purposes, but I am 99% sure it could not be hacked from the internet.


23 posted on 06/01/2011 8:53:05 AM PDT by UCANSEE2 (Lame and ill-informed post)
[ Post Reply | Private Reply | To 13 | View Replies]

To: rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

The Apple ping list existed before the tech list was created. While there is some overlap, I tend towards not pinging Apple threads as they have historically been Swordmaker's venue.

24 posted on 06/01/2011 8:54:51 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 21 | View Replies]

To: max americana
These Macheads remind me of the time Freepers kept bragging about how “perfect” Malwarebytes is..

There is no such thing as perfect. The real factor is being a step ahead of your opponent.

It's a fairly even race, but the hackers have the advantage.

25 posted on 06/01/2011 8:55:09 AM PDT by UCANSEE2 (Lame and ill-informed post)
[ Post Reply | Private Reply | To 13 | View Replies]

To: Wooly

26 posted on 06/01/2011 8:55:57 AM PDT by Fresh Wind ('People have got to know whether or not their President is a crook.' Richard M. Nixon)
[ Post Reply | Private Reply | To 1 | View Replies]

To: for-q-clinton

Read it.

Watched the video.

FUD

Period


27 posted on 06/01/2011 8:59:26 AM PDT by TheStickman
[ Post Reply | Private Reply | To 20 | View Replies]

To: Wooly

“On a test system using Safari with default settings, it behaved exactly as before, beginning the installation process with no password required.”

Stopped right there. Bogus article. I have been told by Mac Fans here that this is impossible.


28 posted on 06/01/2011 9:00:40 AM PDT by SeeSac
[ Post Reply | Private Reply | To 1 | View Replies]

To: sweet_diane

Macs were never “unable to be hacked” — it’s just that until now they were such an insignificant part of the personal computer market that hackers concentrated on the other 98% of the market. But now that Apple has grown, well, ‘welcome to the big boys world’


29 posted on 06/01/2011 9:01:23 AM PDT by Cronos (Palin, Cain, Jindal)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Johnny B.
I think both Windows and Mac have their place. Depending on the person, each has its own benefits. I prefer to be able to tweak mine so I use Linux and since I code, it's good for me.

For some arty types and folks who just want something to work out of the box, a Mac is good. For someone who wants a cheaper machine, the Windows machine is good.

I don't see the point of arguing over this -- the best system is z/OS, hands-down! You can run CICS, IMS etc. on it and it never complains and is pretty much unhackable.

30 posted on 06/01/2011 9:05:48 AM PDT by Cronos (Palin, Cain, Jindal)
[ Post Reply | Private Reply | To 10 | View Replies]

To: Fresh Wind

http://blog.intego.com/


31 posted on 06/01/2011 9:07:24 AM PDT by Wooly
[ Post Reply | Private Reply | To 26 | View Replies]

To: Cronos
For God's Sake I hope that some people have a sense of Humor.

If I was in charge of advertising at Mickysoft I would be busy hiring the producer and actors from the “Mac Versus PC” ads today.
I would use the same format, except this time the Mac guy would be wearing sunglasses, packing a white cane, and be surrounded by people in masks that were picking his pocket and stealing everything he had around him. And all the time this was happening he would be talking on and on using the same words that he spoke in the advertisements on how Macs were not vulnerable to malware.

32 posted on 06/01/2011 9:13:46 AM PDT by Wooly
[ Post Reply | Private Reply | To 29 | View Replies]

To: Wooly
read my (sarcasm) tag line
33 posted on 06/01/2011 9:25:35 AM PDT by tophat9000 (Global Warming, undeniable truth; Obama, infallible genius; Apple perfect, invented everything)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Wooly
True. While I like the fact that Apple is competition to Windows, I've never been enamored with them -- they're too closed for a person who likes to tinker. Also I've been turned off by too many folks who make this into their own little cult!

I mean, the Macs were good, the ipods ok, the ipads ok (though I can get cheaper and better functional stuff from other vendors, I acknowledge Apple's making everything easier), but nothing can give the satisfaction with a good JCL that actually works or being able to actually use vi without tearing your hair off!

34 posted on 06/01/2011 9:35:58 AM PDT by Cronos (Palin, Cain, Jindal)
[ Post Reply | Private Reply | To 32 | View Replies]

To: TheStickman

How so? I guess all that malware on Windows is just FUD as well.

See I can stick my head in the sand just as easily as you can.


35 posted on 06/01/2011 9:39:45 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 27 | View Replies]

To: Cronos

Been saying that for years, but the macbots swore it was because Macs couldn’t be hacked. Besides nothing could get installed without a password! They promised me that. Looks like that one was a lie.


36 posted on 06/01/2011 9:41:13 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 29 | View Replies]

To: Cronos

Tablets are toys. My company gave me a Xoom as a safety award, it is now listed on Craigslist as I do not play Angry Birds nor do I read E-Books so the thing was useless to me.
Instead I decided to buy an HP TM2T where I would have the portability of a touch tablet, but the power and capabilities of a real computer.


37 posted on 06/01/2011 9:42:09 AM PDT by Wooly
[ Post Reply | Private Reply | To 34 | View Replies]

To: for-q-clinton

The only reason Macs didn’t get attacked was because they weren’t popular enough to justify it. This is a natural progression: as more and more people start to use Macs, more malware, viruses, and everything else will start hitting them. And considering the lack of any computer skills shown by most of the Mac users I know, it's fertile ground.

Apple will actually benefit from this I think. Every time someone gets a virus the Mac store can charge a hundred bucks to clean the system. And considering the prices of those computers the users seem to have ample money to throw away.


38 posted on 06/01/2011 9:46:32 AM PDT by utherdoul
[ Post Reply | Private Reply | To 36 | View Replies]

To: utherdoul
the only reason macs didn’t get attacked was because they weren’t popular enough to justify it

Tens of millions of arrogant/smug/(insert slur here) mac users out there for years, and now we hit the tipping point? Really?

I, for one, am glad the Iranian nuclear program was smart enough to see thru the whole 'mac' facade and save some coin.

39 posted on 06/01/2011 10:25:41 AM PDT by LearnsFromMistakes (How many failed apocalypse predictions is Harold Camping away from getting his Nobel Prize?)
[ Post Reply | Private Reply | To 38 | View Replies]

To: for-q-clinton

While you enjoy your time in the sand, I will ignore the M$ columnist’s FUD & keep on using my macs as I have for years now without worrying about malware or viruses “finding their way” onto my computer.


40 posted on 06/01/2011 10:34:44 AM PDT by TheStickman
[ Post Reply | Private Reply | To 35 | View Replies]

To: LearnsFromMistakes
Right, because a targeted attack could never work against a Mac. See, this is the crap we are talking about. Macbots just don't get it. They swear better security and make outrageous claims (like your Iranian nuke plant claim). As if using Macs would have prevented the targeted attack.

Maybe you should read about the pwn2own contest where OSX has lost the contest easily for not 2, not 3, but 4 yes 4 years in a row!

Macbot excuse 1st year: Everyone wants a Mac so they only focussed on cracking the Mac.

Macbot excuse 2nd year: Everyone wants a Mac so they only focussed on cracking the Mac, plus it was a pre-staged attack so that doesn't count.

Macbot excuse 3rd year: It was a pre-staged attack from a computer genius and ex-NASA employee. No one else in the world could accomplish such an attack.

Macbot excuse 4th year: I have yet to hear one as it was a Canadian that cracked OSX in 5 seconds.
41 posted on 06/01/2011 10:41:38 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 39 | View Replies]

To: Johnny B.

One of our biggest virus problems is Macs. Mac users don’t scan their thumb drives but share them with PC users, spreading the virus.


42 posted on 06/01/2011 10:49:27 AM PDT by AppyPappy (If you aren't part of the solution, there is good money to be made prolonging the problem.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: for-q-clinton
Maybe you should read about the pwn2own contest

I have seen your posts before, so I know about the contest...incessantly. Every year, 1 mac is hacked. I get it.

43 posted on 06/01/2011 11:02:38 AM PDT by LearnsFromMistakes (Yes, I am happy to see you. But that IS a gun in my pocket.)
[ Post Reply | Private Reply | To 41 | View Replies]

To: LearnsFromMistakes

Not just that 1 mac is hacked. 1 mac is hacked first. Before a single windows machine or Linux machine is hacked.


44 posted on 06/01/2011 11:37:10 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 43 | View Replies]

To: for-q-clinton
Every year, 1 mac is hacked first(before the Windows pc).

Fixed it. Better?

Not sure exactly what you want to hear on these threads. Mac users (like other users) can be fooled into installing software that they shouldn't?

As far as my 'outrageous' claim that I was glad the Iranian nuke folks didn't use macs. I thought it was kinda clever...Can you imagine malware inside that plant? 'Click here to install that upgrade that you didn't know you needed - your centrifuge is at risk'. Never would have happened.

45 posted on 06/01/2011 12:15:23 PM PDT by LearnsFromMistakes (Yes, I am happy to see you. But that IS a gun in my pocket.)
[ Post Reply | Private Reply | To 44 | View Replies]

To: LearnsFromMistakes
Can you imagine malware inside that plant? 'Click here to install that upgrade that you didn't know you needed - your centrifuge is at risk'. Never would have happened.

Well, if you had phrased it the proper way, it could have happened--Click here to allow the Mahdi to return.

46 posted on 06/01/2011 12:21:33 PM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 45 | View Replies]

To: dfwgator

It can’t do anything if you change the default to not allowing things to automatically open. I did that the first day I got my Mac and when I did run into this I just force quit to get out of it. Nothing happened, period.


47 posted on 06/01/2011 12:45:40 PM PDT by chris_bdba
[ Post Reply | Private Reply | To 16 | View Replies]

To: ShadowAce

Too funny!


48 posted on 06/01/2011 2:20:57 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 46 | View Replies]

To: chris_bdba

But what about the literally hundreds of hundreds of other mac users that haven’t done that? OSX should be secure by default.


49 posted on 06/01/2011 2:22:19 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 47 | View Replies]

To: for-q-clinton

I personally don’t know anyone who didn’t change that when the computer came out of the box. I suppose there may be someone out there who wouldn’t know? Do all Windows users allow everything to automatically open?


50 posted on 06/01/2011 2:30:24 PM PDT by chris_bdba
[ Post Reply | Private Reply | To 49 | View Replies]

