New Variant of 'Mac Defender' Quickly Evades Apple's Security Update as Cat-and-Mouse Game Begins

macdefender dialog box
As we noted yesterday, Apple released Security Update 2011-003 for Mac OS X Snow Leopard, a system update addressing the "Mac Defender" malware threat that has been running in the wild under several different variants for the past month. The update provides tools for automatically removing the malware, as well as protection against future infections. But as reported by ZDNet, a new variant of the malware capable of circumventing Apple's update has already appeared. popping up within hours of Apple's software release.

Hours after Apple released this update and the initial set of definitions, a new variation of Mac Defender is in the wild. This one has a new name, Mdinstall.pkg, and it has been specifically formulated to skate past Apple's malware-blocking code.

The file has a date and time stamp from last night at 9:24PM Pacific time. That's less than 8 hours after Apple’s security update was released.

Apple has prepared for this eventuality by including automatic daily updates of malware definitions with the software update, enabling it to quickly deploy protection as new variants and entirely different pieces of malware surface. Consequently, Apple should be able to respond to the new threat relatively quickly, although the speed with which the new variant appeared suggests that those responsible for the malware will not be going away easily.

Top Rated Comments

laurim Avatar
136 months ago
I'm amazed people are still stupid enough to manually download and run this considering all the press coverage it has received.
I'm amazed people have nothing better to do than create viruses and malware all day. Imagine what could be achieved if people used their time and skills to do something useful for society. Hope they goof up, get traced and held accountable.
Score: 35 Votes (Like | Disagree)
chrono1081 Avatar
136 months ago
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.

Nice troll attempt. If MS was serious about security they would start by removing the registry.
Score: 19 Votes (Like | Disagree)
Popeye206 Avatar
136 months ago
LOL! Funny.... looks like the crooks are hard at work to stir the pot on the Mac side.

Doesn't scare me. I don't install what I don't know. Malware is just annoying.
Score: 19 Votes (Like | Disagree)
Popeye206 Avatar
136 months ago
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.

The thing is, Malware is user initiated. Unless MS, Apple or whoever knows about a specific threat, you can't stop someone from offering a user the opportunity to download something. If they say yes, they invite the crooks in. Viruses is another story. These have to go around security in the OS to install themselves and extract information or change system settings to cause harm. Obviously the second is way more dangerous because you don't see it coming.

I only point this out because what the heck is Apple suppose to do any different? If you don't know what to not allow, or look for, you can't stop someone from wanting to install software.
Score: 16 Votes (Like | Disagree)
Popeye206 Avatar
136 months ago
Makes you wonder if nokia/ms are behind this! :)

LOL!

I've always wondered is the Virus protection companies aren't the ones that hire suspect engineers from places like Russia to keep the need for them rolling. Wouldn't be too surprising if it was true.
Score: 14 Votes (Like | Disagree)
BaldiMac Avatar
136 months ago
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.

What is Microsoft doing that Apple is not that would currently prevent a Mac Defender type attack? Daily definition updates of an anti-malware scanner is the most appropriate strategy. Outside of preventing the user from installing unapproved applications, I'm not sure what else you can do.
Score: 14 Votes (Like | Disagree)

Related Stories

studio buds family

Beats Studio Buds Debuting Today With Active Noise Cancellation, Stemless Design, and More for $150

Monday June 14, 2021 8:00 am PDT by
We've seen a lot of teasers about the Beats Studio Buds over the past month since they first showed up in Apple's beta software updates, and today they're finally official. The Beats Studio Buds are available to order today in red, white, and black ahead of a June 24 ship date, and they're priced at $149.99. The Studio Buds are the first Beats-branded earbuds to truly compete with AirPods...
youtube apple tv

YouTube Discontinuing 3rd-Generation Apple TV App, AirPlay Still Available

Wednesday February 3, 2021 3:09 pm PST by
YouTube is planning to stop supporting its YouTube app on the third-generation Apple TV models, where YouTube has long been available as a channel option. A 9to5Mac reader received a message about the upcoming app discontinuation, which is set to take place in March.Starting early March, the YouTube app will no longer be available on Apple TV (3rd generation). You can still watch YouTube on...
iPhone 13 Dummy Thumbnail 2

Kuo: iPhone 13 to Feature LEO Satellite Communications to Make Calls and Texts Without Cellular Coverage

Sunday August 29, 2021 7:39 am PDT by
The iPhone 13 will feature low earth orbit (LEO) satellite communication connectivity to allow users to make calls and send messages in areas without 4G or 5G coverage, according to the reliable analyst Ming-Chi Kuo. In a note to investors, seen by MacRumors, Kuo explained that the iPhone 13 lineup will feature hardware that is able to connect to LEO satellites. If enabled with the relevant...
YouTube Picture in Picture Feature

YouTube Premium Subscribers Can Now Use iOS Picture-in-Picture: Here's How

Wednesday August 25, 2021 3:55 am PDT by
Google has rolled out picture-in-picture support as an "experimental" feature for YouTube premium subscribers, allowing them to watch video in a small window when the app is closed. If you're a premium YouTube subscriber looking to try out picture-in-picture, follow these steps: Launch a web browser and sign into your YouTube account at YouTube.com. Navigate to www.youtube.com/new. Scroll...
os x mountain lion macs 16x9 2

Apple Makes OS X Lion and Mountain Lion Free to Download

Wednesday June 30, 2021 12:19 pm PDT by
Apple recently dropped the $19.99 fee for OS X Lion and Mountain Lion, making the older Mac updates free to download, reports Macworld. Apple has kept OS X 10.7 Lion and OS X 10.8 Mountain Lion available for customers who have machines limited to the older software, but until recently, Apple was charging $19.99 to get download codes for the updates. As of last week, these updates no...
tim cook spring loaded event

Gurman: Apple Planning Multiple Events for the Fall, M1X MacBook Pros to be Available by November

Sunday August 15, 2021 12:07 pm PDT by
Apple is planning to hold multiple events this fall, which will collectively include the launch of new iPhones, Apple Watches, updated AirPods, revamped iPad mini, and the redesigned MacBook Pros, according to respected Bloomberg journalist Mark Gurman. In his latest weekly Power On newsletter, Gurman says that much like last year, Apple will hold multiple events this coming fall, with the...
apple screen time screen icons

Persistent Kids Finding Loopholes in Apple's Screen Time Limits

Tuesday October 15, 2019 9:44 am PDT by
Apple is currently engaged in a cat-and-mouse game with persistent kids looking to circumvent Screen Time restrictions, but the company has been receiving some criticism for not moving quickly enough to lock down some of the loopholes, reports The Washington Post. A few of the loopholes and ways for parents to shut them down are documented on the site Protect Young Eyes, while these and...
anker lightning cable mfi

Unwrap a New Apple Device? Stock Up on Extra Certified Lightning Cables for as Little as $6

Monday December 25, 2017 5:45 am PST by
If you unwrapped an Apple product today it likely came with one of the company's first-party Lightning cables, but having an extra on hand is always a good idea, so you can place it in other rooms in your house, in your car, or in a bag when you travel. For that reason, now's a good time to shop for third-party Lightning cables that are cheaper than Apple's own accessory, but still Made For...
personal hotspot 1

Apple Acknowledges Personal Hotspot Issues Affecting Some iOS 13 and iPadOS 13 Users

Saturday March 21, 2020 10:04 am PDT by
In an internal document distributed to Apple Authorized Service Providers this week, obtained by MacRumors, Apple has acknowledged that some iOS 13 or iPadOS 13 users may experience issues with Personal Hotspot. Apple has told Authorized Service Providers to expect customers who are unable to connect to a Personal Hotspot or experience frequent disconnection from one. Customers may also...
macos monterey safari beta 3

macOS Monterey Beta 3: Apple Redesigns Safari Tab Interface Following Complaints

Wednesday July 14, 2021 11:39 am PDT by
In the third developer beta of macOS Monterey, which came out this morning, Apple has overhauled the design of Safari, making the tab bar more similar to the current tab bar in macOS Big Sur. The prior Safari design did away with the dedicated URL and search interface, instead allowing any individual tab to be used for navigation input. Tabs were also all arranged at the top of the display...