New Variant of 'Mac Defender' Quickly Evades Apple's Security Update as Cat-and-Mouse Game Begins


As we noted yesterday, Apple released Security Update 2011-003 for Mac OS X Snow Leopard, a system update addressing the "Mac Defender" malware threat that has been running in the wild under several different variants for the past month. The update provides tools for automatically removing the malware, as well as protection against future infections. But as reported by ZDNet, a new variant of the malware capable of circumventing Apple's update has already appeared. popping up within hours of Apple's software release.

Hours after Apple released this update and the initial set of definitions, a new variation of Mac Defender is in the wild. This one has a new name, Mdinstall.pkg, and it has been specifically formulated to skate past Apple's malware-blocking code.

The file has a date and time stamp from last night at 9:24PM Pacific time. That's less than 8 hours after Apple’s security update was released.

Apple has prepared for this eventuality by including automatic daily updates of malware definitions with the software update, enabling it to quickly deploy protection as new variants and entirely different pieces of malware surface. Consequently, Apple should be able to respond to the new threat relatively quickly, although the speed with which the new variant appeared suggests that those responsible for the malware will not be going away easily.

Top Rated Comments

(View all)
Avatar
118 months ago

I'm amazed people are still stupid enough to manually download and run this considering all the press coverage it has received.

I'm amazed people have nothing better to do than create viruses and malware all day. Imagine what could be achieved if people used their time and skills to do something useful for society. Hope they goof up, get traced and held accountable.
Score: 35 Votes (Like | Disagree)
Avatar
118 months ago

Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.


Nice troll attempt. If MS was serious about security they would start by removing the registry.
Score: 19 Votes (Like | Disagree)
Avatar
118 months ago
LOL! Funny.... looks like the crooks are hard at work to stir the pot on the Mac side.

Doesn't scare me. I don't install what I don't know. Malware is just annoying.
Score: 19 Votes (Like | Disagree)
Avatar
118 months ago

Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.


The thing is, Malware is user initiated. Unless MS, Apple or whoever knows about a specific threat, you can't stop someone from offering a user the opportunity to download something. If they say yes, they invite the crooks in. Viruses is another story. These have to go around security in the OS to install themselves and extract information or change system settings to cause harm. Obviously the second is way more dangerous because you don't see it coming.

I only point this out because what the heck is Apple suppose to do any different? If you don't know what to not allow, or look for, you can't stop someone from wanting to install software.
Score: 16 Votes (Like | Disagree)
Avatar
118 months ago

Makes you wonder if nokia/ms are behind this! :)


LOL!

I've always wondered is the Virus protection companies aren't the ones that hire suspect engineers from places like Russia to keep the need for them rolling. Wouldn't be too surprising if it was true.
Score: 14 Votes (Like | Disagree)
Avatar
118 months ago

Props to those guys beating Apple at this.

As much as you can hate windows, MS has been very serious about security on Windows with a much tighter security system in Windows 7. Not saying that they had already not needed that, but they have been very careful and have come strong on viruses and malware.

Apple, you need to tighten up here.


What is Microsoft doing that Apple is not that would currently prevent a Mac Defender type attack? Daily definition updates of an anti-malware scanner is the most appropriate strategy. Outside of preventing the user from installing unapproved applications, I'm not sure what else you can do.
Score: 14 Votes (Like | Disagree)

Top Stories

Apple's First MacBook Pro With a Retina Display Will Become 'Obsolete' in 30 Days

Monday June 1, 2020 7:50 am PDT by
If you are still hanging on to a Mid 2012 model of the 15-inch MacBook Pro with a Retina display, and require a new battery or other repairs, be sure to book an appointment with a service provider as soon as possible. In an internal memo today, obtained by MacRumors, Apple has indicated that this particular MacBook Pro model will be marked as "obsolete" worldwide on June 30, 2020, just over...

Five Mac Apps Worth Checking Out - June 2020

Tuesday June 2, 2020 2:25 pm PDT by
Apps developed for the Mac often don't receive as much coverage as apps designed for iPhones and iPads, so we have a series at MacRumors that highlights interesting Mac apps that are worth taking a look at. This month's apps are designed to make working from home a little bit easier. Subscribe to the MacRumors YouTube channel for more videos. Meeter (Free) - Working from home often...

Apple Music Joins Music Industry's Blackout Tuesday Awareness Campaign

Tuesday June 2, 2020 1:31 am PDT by
Apple Music has cancelled its Beats 1 radio schedule for Blackout Tuesday and is suggesting that listeners tune in to a radio stream celebrating the best in black music. Blackout Tuesday is a campaign organized by the music industry to support Black Lives Matter after Minneapolis citizen George Floyd was killed by police in the course of his arrest. On launching Apple Music, many users...

Next Apple Pencil Could Be Released in Black

Tuesday June 2, 2020 10:25 am PDT by
The next iteration of the Apple Pencil could be available in black for the first time, according to leaker Mr. White who shared the tidbit on Twitter this morning. A mockup of an Apple Pencil in black We haven't heard rumors of a next-generation Apple Pencil and it's not clear when a new model might be released. Apple is rumored to be working on mini-LED versions of the iPad Pro, and it's...

iPad Pro With A14X Chip, 5G, and Mini-LED Display Expected in First Half of 2021

Wednesday June 3, 2020 6:22 am PDT by
Apple plans to launch new iPad Pro models with an A14X chip, 5G connectivity, and a Mini-LED display in the first or second quarter of 2021, according to the increasingly reliable Twitter account L0vetodream. The leaker claims that the new iPad Pro models will be equipped with Qualcomm's Snapdragon X55 modem, which supports both mmWave and sub-6GHz. mmWave is a set of 5G frequencies that...

Apple Releases macOS Catalina 10.15.5 Supplemental Update With Security Fix

Monday June 1, 2020 10:56 am PDT by
Apple today released a supplemental update for macOS Catalina 10.15.5, the fifth update to the macOS Catalina operating system that was released in October 2019. The supplemental update comes a week after the release of the macOS Catalina 10.15.5 update. ‌macOS Catalina‌ 10.15.5 is a free update that can be downloaded from the Mac App Store using the Update feature in the System...

Tim Cook Addresses George Floyd's Death and Ensuing Protests and Riots as Apple Temporarily Closes Some U.S. Stores

Sunday May 31, 2020 8:04 pm PDT by
Amid unrest in numerous U.S. cities following last week's killing of George Floyd by police in Minneapolis, Apple CEO Tim Cook has shared an internal memo with employees (via Bloomberg) addressing the pain that many are feeling and urging others to commit "to creating a better, more just world for everyone." Cook also announced that Apple is making donations to several groups challenging...

iCloud Down for Many Users, Causing 'The Application You Have Selected Does Not Exist' Error [Update: Fixed]

Tuesday June 2, 2020 4:44 pm PDT by
iCloud appears to be down for many people at the current time, based on complaints from MacRumors readers and Twitter users. Apple's system status page was not initially displaying an error when the problems started, but has been updated to confirm an issue with iCloud account sign ins. The support site says that some users may be unable to sign in to their iCloud accounts and may also be...

iOS 14 Again Said to Be Compatible With All iPhones Able to Run iOS 13

Monday June 1, 2020 2:08 pm PDT by
iOS 14 will be compatible with all iPhones and iPod touch models able to run iOS 13, according to information shared today by Israeli site The Verifier. The compatibility data was allegedly found in a leaked version of iOS 14 and confirmed by what The Verifier says is a "trusted source from the system development process." iOS 13 is compatible with the iPhone 6s and later, with a full...

iPhone 13 Prototype Mockup Depicts Notch-Free Design and USB-C Port

Thursday June 4, 2020 10:07 am PDT by
We still have a few months to go before Apple unveils the iPhone 12, but rumors about the iPhone 13, coming in fall 2021, are already circulating. Japanese site Mac Otakara today shared a rough 3D printed mockup of a 5.5-inch iPhone said to be coming in 2021, which is from "Alibaba sources." The model may be built on leaked specifications and rumors, but where the info comes from is unclear. ...