Apple Responds Quickly to Evolving 'Mac Defender' Threat With Updated Malware Definitions

Yesterday, we noted that the attackers behind the "Mac Defender" malware had moved quickly to combat Apple's new security update, within hours releasing a new variant of the malware that was capable of skirting around Apple's new protection.

macdefender c xprotect

Xprotect.plist before (left) and after (right) latest update to address new Mac Defender variant

Fortunately for users, Apple has moved almost as quickly as the attackers, quashing any potential fears that the company might be slow to respond to each new threat that appears. As reported by Italian site Spider-Mac [Google translation], Apple has already issued an update to detect the new variant, pushing out a new entry for "OSX.MacDefender.C" to the Xprotect.plist file that contains the signatures for identifying malware.

After the update, users are indeed presented with a warning if they begin to download the latest variant:

macdefender mdinstall warning
As part of the security update earlier this week, Apple included a system to automatically update the Xprotect.plist anti-malware definitions every 24 hours, giving the company the ability to quickly push out new protection for Mac OS X Snow Leopard users. While this is unlikely to be the end of the Mac Defender attackers' efforts, it does appear that Apple is committed to responding and issuing updates to its users as quickly as the attackers can churn out new variants.

Top Rated Comments

0815 Avatar
148 months ago
The writers of this malware love to see Apple jumping through the hoops they make. This will on,y get worse with 10.7, as per Apples history, new OSes are filled with bugs and exploitable flaws.

You mean like windows where the general advice it not to install it until SP1 is released?
Score: 18 Votes (Like | Disagree)
NebulaClash Avatar
148 months ago
The attackers will always be one step ahead...

But if Apple stays only one step behind and closes the holes within 24 hours each time, the attackers will soon learn that there isn't that much to be gained by the effort. They'll have to try another approach.

You know, this relatively benign malware is, on balance, a good thing. This will educate Mac users not to click OK on software they did not choose to install. So that when something really serious shows up, they will know better thanks to this mild version that is merely annoying.
Score: 17 Votes (Like | Disagree)
beg_ne Avatar
148 months ago
The writers of this malware love to see Apple jumping through the hoops they make. This will on,y get worse with 10.7, as per Apples history, new OSes are filled with bugs and exploitable flaws.

Completely irrelevant. MacDefender doesn't take advantage of any flaw or bug in OS X. The only flaw in play here is people's gullibility.
Score: 12 Votes (Like | Disagree)
0815 Avatar
148 months ago
I wouldn't be surprised if the entire thing weren't stage-managed by Apple to give them an argument in favour of a move to an iOS-style Mac App Store-only software model. (Jailbreak your Mac, anyone?)

Here we go again - people running out of real arguments against apple clinging to stupid claims like this ....
Score: 11 Votes (Like | Disagree)
cnixon Avatar
148 months ago
You have to install this yourself.... it is NOT a virus... but maleware.

Not sure exactly how OSX is less secure? Maleware has been around for years for OSX.... just don't install the damn thing!

Maleware? What's maleware? Sounds like a line of men's lingerie. :confused:
Score: 11 Votes (Like | Disagree)
angrynstupid Avatar
148 months ago
Huh?



This doesn't bode well for Lion's release. Even if these threats don't indicate a material problem with OS X, the fact that Apple has been baited into an arms war makes OS X look less secure.

What kind of logic is this?
Score: 11 Votes (Like | Disagree)

Popular Stories

iOS 16

Apple Releases iOS 16.0.2 With Bug Fixes for iPhone 14 Pro Camera Vibration, Copy/Paste Issue and More

Thursday September 22, 2022 1:04 pm PDT by
Apple today released iOS 16.0.2, addressing a number of bugs that iPhone 14 owners have been experiencing since the new devices launched. iOS 16.0.2 comes two weeks after the launch of iOS 16, and it follows iOS 16.0.1, an update made available to iPhone 14 owners on launch day. The update is available for all iPhones that are capable of running iOS 16. The iOS 16.0.2 update can be...
maxresdefault

Video Review: Four Days With the iPhone 14 Pro Max

Wednesday September 21, 2022 7:49 am PDT by
Apple on Friday released the new iPhone 14 models, and MacRumors videographer Dan picked one up on launch day. He's been using the iPhone 14 Pro Max non-stop since it came out, and over on the MacRumors YouTube channel, has shared his initial thoughts on the day-to-day experience with the latest iPhone. Subscribe to the MacRumors YouTube channel for more videos. Dan's mini review highlights...
iPad Pro Big Ol Logo

Five Features Rumored for the New iPad Pro Expected Next Month

Wednesday September 21, 2022 1:36 am PDT by
Rumors suggest Apple will announce new 11-inch and 12.9-inch iPad Pro models as soon as next month. The new iPads will be the first update to the iPad Pro series since April 2021 and will be an overall incremental upgrade that brings new capabilities and functionality to the highest-end iPad. According to reports, Apple is planning an event for October to announce the new iPad Pro models, a...
ios 16 lock screen feature

Some iOS 16 Users Complain About Slow Spotlight Search and Battery Drain

Wednesday September 21, 2022 4:25 am PDT by
It's been nine days since Apple released iOS 16 to the public, bringing major changes to the Lock Screen, Messages, Maps, and more. In the days following the release, some users have encountered several issues on their iPhones, ranging from slow system performance to battery drain. In the past few days, iPhone 14 Pro users have shared specific bugs related to Apple's latest high-end iPhones, ...
Dynamic Island For Android Users Feature

Android App Copying iPhone 14 Pro's Dynamic Island Released on Play Store

Thursday September 22, 2022 7:57 am PDT by
A copycat version of the iPhone 14 Pro's Dynamic Island has arrived on Android's Google Play Store in the form of an app called "dynamicSpot." The app, still in beta, offers customers several different experiences at the top of their smartphones. In its current form, dynamicSpot offers playback control for songs, timers, battery status, and more features coming soon, according to the app's...
facebook meta

Meta Sued Over Tracking iPhone Users Despite Apple's Privacy Features

Thursday September 22, 2022 5:12 am PDT by
Meta is facing a new proposed class action lawsuit that accuses it of tracking and collecting the personal data of iPhone users, despite features and policies made by Apple which are meant to stop that same type of tracking. In August, it was revealed that with the Facebook and Instagram apps, Meta can track all of a user's key taps, keyboard inputs, and more, when using the in-app browser....
apple watch ultra reddit 1

Lucky Customer Gets New Apple Watch Ultra Two Days Early

Wednesday September 21, 2022 2:03 pm PDT by
With millions of devices shipping out to customers with every Apple launch, there's occasionally someone who gets lucky and gets a new product ahead of schedule. This time around, Redditor playalisticadillac received an Apple Watch Ultra from AT&T two days before the official debut, sharing some images on the social media site. The images include an unboxing and comparisons to the...
new airpods pro ear tips

Apple Explains Why Second-Generation AirPods Pro Ear Tips Are Incompatible With Original AirPods Pro

Thursday September 22, 2022 3:12 pm PDT by
Apple today explained why the new silicone ear tips for the second-generation AirPods Pro are not officially compatible with the original AirPods Pro. In an updated support document, Apple said the original AirPods Pro ear tips have "noticeably denser mesh" than the second-generation ear tips. Apple did not provide any additional details, but the mesh density could result in acoustical...