Apple Responds Quickly to Evolving 'Mac Defender' Threat With Updated Malware Definitions

Yesterday, we noted that the attackers behind the "Mac Defender" malware had moved quickly to combat Apple's new security update, within hours releasing a new variant of the malware that was capable of skirting around Apple's new protection.

Xprotect.plist before (left) and after (right) latest update to address new Mac Defender variant

Fortunately for users, Apple has moved almost as quickly as the attackers, quashing any potential fears that the company might be slow to respond to each new threat that appears. As reported by Italian site Spider-Mac [Google translation], Apple has already issued an update to detect the new variant, pushing out a new entry for "OSX.MacDefender.C" to the Xprotect.plist file that contains the signatures for identifying malware.

After the update, users are indeed presented with a warning if they begin to download the latest variant:


As part of the security update earlier this week, Apple included a system to automatically update the Xprotect.plist anti-malware definitions every 24 hours, giving the company the ability to quickly push out new protection for Mac OS X Snow Leopard users. While this is unlikely to be the end of the Mac Defender attackers' efforts, it does appear that Apple is committed to responding and issuing updates to its users as quickly as the attackers can churn out new variants.

Top Rated Comments

(View all)
Avatar
120 months ago

The writers of this malware love to see Apple jumping through the hoops they make. This will on,y get worse with 10.7, as per Apples history, new OSes are filled with bugs and exploitable flaws.


You mean like windows where the general advice it not to install it until SP1 is released?
Score: 18 Votes (Like | Disagree)
Avatar
120 months ago

The attackers will always be one step ahead...


But if Apple stays only one step behind and closes the holes within 24 hours each time, the attackers will soon learn that there isn't that much to be gained by the effort. They'll have to try another approach.

You know, this relatively benign malware is, on balance, a good thing. This will educate Mac users not to click OK on software they did not choose to install. So that when something really serious shows up, they will know better thanks to this mild version that is merely annoying.
Score: 17 Votes (Like | Disagree)
Avatar
120 months ago

The writers of this malware love to see Apple jumping through the hoops they make. This will on,y get worse with 10.7, as per Apples history, new OSes are filled with bugs and exploitable flaws.


Completely irrelevant. MacDefender doesn't take advantage of any flaw or bug in OS X. The only flaw in play here is people's gullibility.
Score: 12 Votes (Like | Disagree)
Avatar
120 months ago

I wouldn't be surprised if the entire thing weren't stage-managed by Apple to give them an argument in favour of a move to an iOS-style Mac App Store-only software model. (Jailbreak your Mac, anyone?)


Here we go again - people running out of real arguments against apple clinging to stupid claims like this ....
Score: 11 Votes (Like | Disagree)
Avatar
120 months ago

You have to install this yourself.... it is NOT a virus... but maleware.

Not sure exactly how OSX is less secure? Maleware has been around for years for OSX.... just don't install the damn thing!


Maleware? What's maleware? Sounds like a line of men's lingerie. :confused:
Score: 11 Votes (Like | Disagree)
Avatar
120 months ago
Huh?



This doesn't bode well for Lion's release. Even if these threats don't indicate a material problem with OS X, the fact that Apple has been baited into an arms war makes OS X look less secure.


What kind of logic is this?
Score: 11 Votes (Like | Disagree)

Top Stories

Apple-Acquired Dark Sky Officially Shuts Down Android App

Saturday August 1, 2020 3:43 pm PDT by
Apple in March purchased weather app Dark Sky, and at that time, Dark Sky's developers said that the app's Android version would be discontinued on July 1, 2020. However, instead of shuttering the app on that date, the app's developers announced that the discontinuation would be delayed for another month. Now that it's August, Android users are no longer able to access the app, and...

Apple May Launch This Year's 'iPhone 12' Lineup in Two Stages, With 6.1-inch Models Debuting First

Monday August 3, 2020 3:14 am PDT by
Apple last week confirmed that its "‌iPhone‌ 12" launch will be delayed this year due to the ongoing global health crisis and restrictions on travel. Apple last year started selling iPhones in late September, but this year, Apple projects supply will be "available a few weeks later," suggesting a release sometime in October. We're expecting a total of four OLED iPhones in 5.4, 6.1, and...

Apple Announces New 27-Inch iMac With 10th-Gen Processors, Up to 128GB RAM, 1080p Webcam, True Tone, and More

Tuesday August 4, 2020 8:07 am PDT by
Apple today announced a new 27-inch iMac with faster 10th-generation Intel Core processor options, next-generation AMD graphics, up to 128GB of RAM, a higher-resolution 1080p front-facing FaceTime camera, a True Tone display with a nano-texture glass option, a T2 chip, higher fidelity speakers, studio-quality microphones, and more. A breakdown of the new 27-inch iMac's features and specs:10th...

Apple Explains Why You Might See 'Not Charging' When a Mac is Plugged In

Monday August 3, 2020 1:42 pm PDT by
If you have a Mac and have seen a "Not Charging" warning when plugging it in to power, Apple last week released a support document that explains why. Macs running macOS 10.15.5 or later have a Battery Health Management feature to preserve the life of the battery, and occasionally, the Battery Health Management option will cause the Mac to pause its charging for calibration purposes.Depending ...

Top Stories: Try the 5.4-Inch iPhone 12 Display Size, Blockbuster Earnings, Tim Cook at Antitrust Hearing

Saturday August 1, 2020 6:00 am PDT by
Another busy week of Apple news and rumors has wrapped up, with a lot of focus on Tim Cook's appearance at a Congressional antitrust hearing and a blockbuster earnings report. Subscribe to the MacRumors YouTube channel for more videos. We continued to hear rumors about the upcoming iPhone 12 lineup, including a rare admission from Apple that the lineup will launch "a few weeks later" than...

Unreleased iPod Touch with Mac Pro Glossy Black Finish Shared Online

Sunday August 2, 2020 11:32 am PDT by
Twitter user @DongleBookPro has today posted images of what seems to be a first-generation iPod Touch prototype with a 2013 Mac Pro-style glossy black finish. The Twitter user claims that the iPod Touch prototype pictured has "the same coating as the 2013 Mac Pro." Had the finish been selected for the final product, it also would have been similar to the metallic glossy black finish that...

Just How Small Will the 5.4-Inch iPhone 12 Screen Be? Try It Out for Yourself

Tuesday July 28, 2020 12:57 pm PDT by
As rumors of the iPhone 12 have continued to build over the past few months, the one model that has the most excitement around it is the smallest 5.4" model. The iPhone 12 is believed to be coming in 5.4", 6.7", and 6.1" sizes. Dummy models have shown how much smaller the 5.4" is compared to the rest of the iPhone lineup. The upcoming 5.4" iPhone falls in-between the size of the original...

Everything New in iOS 14 Beta 4: Apple TV Widget, Search Improvements, Exposure Notification API and More

Tuesday August 4, 2020 11:14 am PDT by
Apple today released the fourth developer betas of iOS and iPadOS 14 for testing purposes, tweaking and refining some of the features and design changes included in the update. Changes get smaller and less notable as the beta testing period goes on, but there are still some noteworthy new features in the fourth beta, which we've highlighted below. - Apple TV widget - There's a new Apple TV...

Microsoft to Stop Supporting Office 2016 for Mac in October

Monday August 3, 2020 12:21 pm PDT by
Microsoft's Office 2016 for Mac is set to reach its end of support date on October 13, 2020, and after that date, connecting to Office 365 services using the Office 2016 for Mac software will no longer be supported. Microsoft shared the detail in a support document from July highlighting which versions of Office will be supported for connecting to Office 365 services in the future.Connecting ...

Apple Shares Requirements for Default Third-Party Browser and Email Apps With Developers

Monday August 3, 2020 4:28 pm PDT by
Apple in iOS 14 plans to allow users to set a third-party app as the default email or browser app on an iPhone or iPad, replacing the current Apple-made default apps Safari and Mail. Apple hasn't provided many details on the new feature to users, but as noted by MacStories' Federico Vittici, Apple has shared documentation with developers who want their apps to have the option to be set as a...