New 'MACDefender' Variant Installs Without Admin Password Requirement
Antivirus firm Intego today reported that it has discovered a new variant of the "MACDefender" malware that ups the ante by not requiring an administrator password for installation. The step is accomplished by installing the application only for the current user.
Unlike the previous variants of this fake antivirus, no administrator's password is required to install this program. Since any user with an administrator's account - the default if there is just one user on a Mac - can install software in the Applications folder, a password is not needed. This package installs an application - the downloader - named avRunner, which then launches automatically. At the same time, the installation package deletes itself from the user's Mac, so no traces of the original installer are left behind.
The second part of the malware is a new version of the MacDefender application called MacGuard. This is downloaded by the avRunner application from an IP address that is hidden in an image file in the avRunner application's Resources folder.
Late yesterday, Apple issued its first public notice on the MACDefender malware, providing users with steps for avoiding or removing the software, as well as reporting that a Mac OS X software update to be released in the "coming days" will automatically find and remove MACDefender and its known variants. The update will also alert users if they are about to download one of the malware applications.
It is unknown whether protection against the new "MacGuard" variant will be included in the software update from Apple, but the company will almost certainly have to keep on its toes to address the quickly evolving threat.
Popular Stories
Cellular carriers have always offered big savings on the newest iPhone models during the holidays, and Black Friday 2022 is no different. Even though Black Friday is officially over, we're still tracking notable offers on the iPhone 14 and iPhone 14 Pro devices from AT&T, Verizon, and T-Mobile. For even more savings, keep an eye on older models like the iPhone 13.
Note: MacRumors is an...
Although Black Friday is now technically over, many Apple products are still seeing major discounts through the weekend as we head into Cyber Monday. In this article, you'll find every Apple device with a notable Black Friday sale that's still available. We'll be updating as prices change and new deals arrive, so be sure to keep an eye out if you don't see the sale you're looking for yet.
Note:...
Black Friday deals have been in full swing for the better part of a month, and even with the shopping holiday officially over, we're still seeing solid discounts on Apple devices. We're highlighting the best sales for all of Apple's product lines, and in this article you'll find the best Black Friday sales on iPad, iPad Pro, iPad Air, and iPad mini.
Note: MacRumors is an affiliate partner with ...
Friday November 25, 2022 2:58 am PST by
Sami FathiAn Apple engineer has addressed the lack of lossless audio support in the second-generation AirPods Pro in a new interview. Current Bluetooth technology in the AirPods lineup means that Apple's audio products do not support Apple Music Lossless audio. Apple has previously hinted that it may develop its own codec and connectivity standard that builds on AirPlay and supports higher quality...
Our Black Friday coverage continues through the weekend with the best deals you can find on MacBook Pro, MacBook Air, and iMac. As with all Black Friday deals, we aren't sure how long any of these will last, and prices are always fluctuating, so if you see something you want, be sure to buy it soon.
Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and...
Nothing Phone 1 users today began receiving the Nothing OS 1.1.7 update, which adds support for displaying the battery percentage of connected AirPods, amongst other improvements and bug fixes.
If you own a Nothing Phone 1, you can check for the OTA update by going to Settings -> System -> System updates. Bear in mind that as support for displaying AirPods battery level is still an...
We're tracking all of the best Apple product discounts for Black Friday as they continue through the weekend, and the Apple Watch always makes a great gift around the holiday season, so you're guaranteed to find solid discounts right now. In this article, you'll discover the best Black Friday sales on Apple Watch Series 8, Apple Watch SE, and Apple Watch Ultra.
Note: MacRumors is an affiliate...
Top Rated Comments
I have not contradicted myself. Go back and forth on what ? Virus is a type of malware. Spyware is another. Trojans are yet another.
There are Mac malware out in the wild.
There aren't any Mac viruses out in the wild.
Both statements are true.
The days of malware-free macs have BEEN over (https://www.macrumors.com/2006/02/16/mac-os-x-virus-trojan-summary/). This appears to be the first malware that is actually getting decent press coverage.
Most Mac users used to be Windows users at one time or another. Including yours truly.
WTF is a "demonator"?
Downloaded apps will not launch automatically if you uncheck this option in Safari. Not sure about other Browsers. So as long as you don't launch the installer, you are fine.