New Variant of 'Mac Defender' Quickly Evades Apple's Security Update as Cat-and-Mouse Game Begins

macdefender dialog box
As we noted yesterday, Apple released Security Update 2011-003 for Mac OS X Snow Leopard, a system update addressing the "Mac Defender" malware threat that has been running in the wild under several different variants for the past month. The update provides tools for automatically removing the malware, as well as protection against future infections. But as reported by ZDNet, a new variant of the malware capable of circumventing Apple's update has already appeared. popping up within hours of Apple's software release.

Hours after Apple released this update and the initial set of definitions, a new variation of Mac Defender is in the wild. This one has a new name, Mdinstall.pkg, and it has been specifically formulated to skate past Apple's malware-blocking code.

The file has a date and time stamp from last night at 9:24PM Pacific time. That's less than 8 hours after Apple’s security update was released.

Apple has prepared for this eventuality by including automatic daily updates of malware definitions with the software update, enabling it to quickly deploy protection as new variants and entirely different pieces of malware surface. Consequently, Apple should be able to respond to the new threat relatively quickly, although the speed with which the new variant appeared suggests that those responsible for the malware will not be going away easily.

Popular Stories

apple watch ultra 2 new black

Apple Watch Ultra 3 Finally Coming After Two-Year Hiatus

Monday June 16, 2025 8:45 am PDT by
Apple will finally deliver the Apple Watch Ultra 3 sometime this year, according to analyst Jeff Pu of GF Securities Hong Kong (via @jukanlosreve). The analyst expects both the Apple Watch Series 11 and Apple Watch Ultra 3 to arrive this year (likely alongside the new iPhone 17 lineup, if previous launches are anything to go by), according to his latest product roadmap shared with...
iPhone 17 Pro Blue Feature Tighter Crop

iPhone 17 Pro Launching in Three Months With These 12 New Features

Saturday June 14, 2025 5:45 pm PDT by
The iPhone 17 Pro and iPhone 17 Pro Max are three months away, and there are plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models as of June 2025:Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone X through iPhone 14 Pro have a...
apple wallet drivers license feature iPhone 15 pro

iPhone Driver's Licenses: These 17 U.S. States Offer Them or Will Later

Thursday June 19, 2025 11:28 am PDT by
In select U.S. states, residents can add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports and businesses, and in select apps. Unfortunately, this feature continues to roll out very slowly since it was announced in 2021, with only nine U.S. states and Puerto...
iOS 18

Apple Releases iOS 18.6 Public Beta

Wednesday June 18, 2025 10:24 am PDT by
Apple today seeded the first betas of upcoming iOS 18.6 and iPadOS 18.6 updates to public beta testers, with the betas coming just a few days after Apple provided the betas to developers. Testers who have signed up for beta updates through Apple's beta site can download iOS 18.6 and iPadOS 18.6 from the Settings app on a compatible device by going to General > Software Update. When the...
ios 26 call holding

iOS 26 Beta is Hiding a New Ringtone — Here's What It Sounds Like

Thursday June 19, 2025 7:25 pm PDT by
Apple is hiding a new ringtone within iOS 26. The new ringtone is an alternative version of the existing Reflection ringtone, which has been the default ringtone since the iPhone X was released in 2017. It was discovered within the code for the first developer beta of iOS 26, but it remains hidden, so you will not find it in the list of ringtones available in the Settings app for now. It...
iOS 26 on Three iPhones

Apple Says iOS 26 Won't Be Available on These iPhone Models

Tuesday June 10, 2025 6:58 am PDT by
Apple this week revealed that iOS 26 is compatible with the iPhone 11 series and newer. That means that iOS 18 is the end of the road for the iPhone XS, iPhone XS Max, and iPhone XR, which were all released in 2018. However, those devices will continue to receive security updates for at least a few more years. iOS 26 is compatible with the following iPhone models: iPhone 16e iPhone...
new iphone lockscreen ios 26

iOS 26: Five Changes Coming to Your iPhone Lock Screen

Tuesday June 17, 2025 8:46 am PDT by
With iOS 26, Apple has made some additions to the iPhone Lock Screen that aim to make it more customizable than ever. Of course, things can always change before the software makes its way to the general iPhone-owning public, but here are five new things iOS 26 can do on the Lock Screen as of the current developer beta. Widgets Top or Bottom In iOS 18, the row of widgets on your Lock...
apple watch ultra snow

6 Features Coming to the Apple Watch Ultra 3

Tuesday February 25, 2025 9:00 am PST by
The Apple Watch Ultra 3 is expected to launch later this year, arriving two years after the previous model with a series of improvements. While no noticeable design changes are expected for the third generation since the company tends to stick with the same Apple Watch design through three generations before changing it, there are a series of internal upgrades on the way. By the time the ...
General Spotify Feature

Spotify Preparing to Launch Long-Awaited Lossless Audio Tier on iPhone

Thursday June 19, 2025 1:46 pm PDT by
Spotify appears to be gearing up to launch its long-awaited lossless music tier. Chris Messina (via TechCrunch) and Spicetify (via The Verge) spotted new lossless references within the code for Spotify's desktop app and web player. With assistance from Aaron Perris, MacRumors has confirmed that the latest beta of the Spotify app for the iPhone also contains new lossless-related code....

Top Rated Comments

laurim Avatar
183 months ago
I'm amazed people are still stupid enough to manually download and run this considering all the press coverage it has received.
I'm amazed people have nothing better to do than create viruses and malware all day. Imagine what could be achieved if people used their time and skills to do something useful for society. Hope they goof up, get traced and held accountable.
Score: 35 Votes (Like | Disagree)
chrono1081 Avatar
183 months ago
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.

Nice troll attempt. If MS was serious about security they would start by removing the registry.
Score: 19 Votes (Like | Disagree)
Popeye206 Avatar
183 months ago
LOL! Funny.... looks like the crooks are hard at work to stir the pot on the Mac side.

Doesn't scare me. I don't install what I don't know. Malware is just annoying.
Score: 19 Votes (Like | Disagree)
Popeye206 Avatar
183 months ago
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.

The thing is, Malware is user initiated. Unless MS, Apple or whoever knows about a specific threat, you can't stop someone from offering a user the opportunity to download something. If they say yes, they invite the crooks in. Viruses is another story. These have to go around security in the OS to install themselves and extract information or change system settings to cause harm. Obviously the second is way more dangerous because you don't see it coming.

I only point this out because what the heck is Apple suppose to do any different? If you don't know what to not allow, or look for, you can't stop someone from wanting to install software.
Score: 16 Votes (Like | Disagree)
Popeye206 Avatar
183 months ago
Makes you wonder if nokia/ms are behind this! :)

LOL!

I've always wondered is the Virus protection companies aren't the ones that hire suspect engineers from places like Russia to keep the need for them rolling. Wouldn't be too surprising if it was true.
Score: 14 Votes (Like | Disagree)
BaldiMac Avatar
183 months ago
Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.

What is Microsoft doing that Apple is not that would currently prevent a Mac Defender type attack? Daily definition updates of an anti-malware scanner is the most appropriate strategy. Outside of preventing the user from installing unapproved applications, I'm not sure what else you can do.
Score: 14 Votes (Like | Disagree)