New Variant of 'Mac Defender' Quickly Evades Apple's Security Update as Cat-and-Mouse Game Begins

by

macdefender dialog box
As we noted yesterday, Apple released Security Update 2011-003 for Mac OS X Snow Leopard, a system update addressing the "Mac Defender" malware threat that has been running in the wild under several different variants for the past month. The update provides tools for automatically removing the malware, as well as protection against future infections. But as reported by ZDNet, a new variant of the malware capable of circumventing Apple's update has already appeared. popping up within hours of Apple's software release.

Hours after Apple released this update and the initial set of definitions, a new variation of Mac Defender is in the wild. This one has a new name, Mdinstall.pkg, and it has been specifically formulated to skate past Apple's malware-blocking code.

The file has a date and time stamp from last night at 9:24PM Pacific time. That's less than 8 hours after Apple’s security update was released.

Apple has prepared for this eventuality by including automatic daily updates of malware definitions with the software update, enabling it to quickly deploy protection as new variants and entirely different pieces of malware surface. Consequently, Apple should be able to respond to the new threat relatively quickly, although the speed with which the new variant appeared suggests that those responsible for the malware will not be going away easily.

Popular Stories

iOS 26

Everything New in iOS 26.2 Beta 3

Monday November 17, 2025 3:20 pm PST by
Apple provided developers with the third beta of an upcoming iOS 26.2 update, and there are still new features that are being added with each beta that we get. We've rounded up all of the changes that Apple made in beta 3. AirDrop Apple added new AirDrop functionality, providing a way for two people to share files temporarily without having to add one another as contacts. iOS 26.2...
Read Full Article21 comments
applecare apple care banner

Apple Brings New AppleCare+ Options to India

Tuesday November 18, 2025 8:42 am PST by
Apple today announced an expansion of AppleCare+ coverage in India, with new options for monthly and annual plans, and the addition of Theft and Loss for iPhone for the first time. Options for monthly and annual AppleCare+ plans in India provide more choice and flexibility, allowing users to keep coverage for as long as they require. Apple's vice president of Worldwide iPhone Product...
Read Full Article6 comments
iPhone 17 Pro Cosmic Orange

10 Reasons to Wait for Next Year's iPhone 18 Pro

Wednesday November 19, 2025 4:00 am PST by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models at the same time, which is why we often get rumored features months ahead of launch. The iPhone 18 series is no different, and we already have a good idea of what to expect for the iPhone 18 Pro and iPhone 18 Pro Max. One thing worth...
Read Full Article92 comments
Apple Wallet ID Illinois

iPhone Driver's License Feature Launching in Illinois

Tuesday November 18, 2025 8:47 am PST by
In select U.S. states, residents can add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports and businesses, and in select apps. Starting this Wednesday, November 19, the feature will be available to residents of Illinois. The announcement confirmed that the...
Read Full Article69 comments
iPhone 17 Pro and Air N1 Feature

iPhone 17 vs. iPhone 16 Wi-Fi Speeds: New Study Reveals the Winner

Tuesday November 18, 2025 10:53 am PST by
A new study has revealed that the iPhone 17, iPhone 17 Pro, iPhone 17 Pro Max, and iPhone Air achieve significantly faster average Wi-Fi speeds compared to the iPhone 16 series, thanks to Apple's custom-designed N1 chip. The study was conducted by Ookla, the company behind the popular Speedtest website and app. It said the results are based on global, crowdsourced Speedtest user data...
Read Full Article48 comments
macbook black friday

The Best Early Black Friday Mac Deals

Tuesday November 18, 2025 7:32 am PST by
We're getting closer to Black Friday, which lands next week on Friday, November 28. In the lead-up to the shopping holiday, we're tracking a few lowest-ever prices on Apple's most popular Macs, including the M4 MacBook Air and brand new M5 MacBook Pro. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment,...
Read Full Article1 comments
Magic Keyboard Touch ID Feature

Apple Releases New Firmware for 140W USB-C Power Adapter, Magic Keyboard and Magic Trackpad

Tuesday November 18, 2025 1:05 pm PST by
Apple today released updated firmware for several accessories, including the 140W USB-C Power Adapter, the Magic Trackpad 2, the Magic Trackpad USB-C, the Magic Keyboard with Touch ID, and the Magic Keyboard with Touch ID and Numeric Keypad. There is no word on what's included in the updated firmware at this time, but it could offer performance improvements and security updates. Accessory...
Read Full Article78 comments
Apple Sports App Preview Feature

Apple Sports App on iPhone Now Available in More European Countries

Monday November 17, 2025 6:27 am PST by
The free Apple Sports app on the iPhone was released in additional European countries today, including Belgium, Croatia, Czechia, the Netherlands, Luxembourg, Poland, Hungary, Denmark, Finland, Norway, Sweden, Switzerland, Slovakia, Slovenia, Serbia, Greece, Estonia, Latvia, Romania, Ukraine, and others. The app was already available in the U.S., the U.K., Canada, Austria, France, Germany,...
Read Full Article22 comments
best early black friday deals

Best Black Friday Apple Deals Live Now - Save on AirPods, iPads, and Apple Watches

Saturday November 15, 2025 1:45 pm PST by
We're officially in the month of Black Friday, which will take place on Friday, November 28 in 2025. As always, this will be the best time of the year to shop for great deals, including popular Apple products like AirPods, iPad, Apple Watch, and more. In this article, the majority of the discounts will be found on Amazon. Note: MacRumors is an affiliate partner with some of these vendors. When ...
Read Full Article3 comments
ipad mini 7 feature red and blue

iPad Mini 8: Four Major New Features to Expect

Wednesday November 19, 2025 7:50 am PST by
Apple's eighth-generation iPad mini is highly likely to arrive next year, offering a significant refresh of the device with at least four major new features. OLED Display The next-generation version of the iPad mini could feature an OLED display, as part of Apple's plan to expand the display technology across many more of its devices. Apple's first OLED device was the Apple Watch in 2015, ...
Read Full Article61 comments

Top Rated Comments

laurim Avatar
laurim
189 months ago
I'm amazed people are still stupid enough to manually download and run this considering all the press coverage it has received.
I'm amazed people have nothing better to do than create viruses and malware all day. Imagine what could be achieved if people used their time and skills to do something useful for society. Hope they goof up, get traced and held accountable.
Score: 35 Votes (Like | Disagree)
chrono1081 Avatar
chrono1081
189 months ago
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.

Nice troll attempt. If MS was serious about security they would start by removing the registry.
Score: 19 Votes (Like | Disagree)
Popeye206 Avatar
Popeye206
189 months ago
LOL! Funny.... looks like the crooks are hard at work to stir the pot on the Mac side.

Doesn't scare me. I don't install what I don't know. Malware is just annoying.
Score: 19 Votes (Like | Disagree)
Popeye206 Avatar
Popeye206
189 months ago
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.

The thing is, Malware is user initiated. Unless MS, Apple or whoever knows about a specific threat, you can't stop someone from offering a user the opportunity to download something. If they say yes, they invite the crooks in. Viruses is another story. These have to go around security in the OS to install themselves and extract information or change system settings to cause harm. Obviously the second is way more dangerous because you don't see it coming.

I only point this out because what the heck is Apple suppose to do any different? If you don't know what to not allow, or look for, you can't stop someone from wanting to install software.
Score: 16 Votes (Like | Disagree)
Popeye206 Avatar
Popeye206
189 months ago
Makes you wonder if nokia/ms are behind this! :)

LOL!

I've always wondered is the Virus protection companies aren't the ones that hire suspect engineers from places like Russia to keep the need for them rolling. Wouldn't be too surprising if it was true.
Score: 14 Votes (Like | Disagree)
BaldiMac Avatar
BaldiMac
189 months ago
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.

What is Microsoft doing that Apple is not that would currently prevent a Mac Defender type attack? Daily definition updates of an anti-malware scanner is the most appropriate strategy. Outside of preventing the user from installing unapproved applications, I'm not sure what else you can do.
Score: 14 Votes (Like | Disagree)
Read All Comments