Yesterday, we noted that the attackers behind the "Mac Defender" malware had moved quickly to combat Apple's new security update, within hours releasing a new variant of the malware that was capable of skirting around Apple's new protection.
Fortunately for users, Apple has moved almost as quickly as the attackers, quashing any potential fears that the company might be slow to respond to each new threat that appears. As reported by Italian site Spider-Mac [Google translation], Apple has already issued an update to detect the new variant, pushing out a new entry for "OSX.MacDefender.C" to the Xprotect.plist file that contains the signatures for identifying malware.
After the update, users are indeed presented with a warning if they begin to download the latest variant:
/article-new/2011/06/macdefender_mdinstall_warning.jpg?lossy)
As part of the security update earlier this week, Apple included a system to automatically update the Xprotect.plist anti-malware definitions every 24 hours, giving the company the ability to quickly push out new protection for Mac OS X Snow Leopard users. While this is unlikely to be the end of the Mac Defender attackers' efforts, it does appear that Apple is committed to responding and issuing updates to its users as quickly as the attackers can churn out new variants.
Top Rated Comments
(View all)The writers of this malware love to see Apple jumping through the hoops they make. This will on,y get worse with 10.7, as per Apples history, new OSes are filled with bugs and exploitable flaws.
You mean like windows where the general advice it not to install it until SP1 is released?
The attackers will always be one step ahead...
But if Apple stays only one step behind and closes the holes within 24 hours each time, the attackers will soon learn that there isn't that much to be gained by the effort. They'll have to try another approach.
You know, this relatively benign malware is, on balance, a good thing. This will educate Mac users not to click OK on software they did not choose to install. So that when something really serious shows up, they will know better thanks to this mild version that is merely annoying.
The writers of this malware love to see Apple jumping through the hoops they make. This will on,y get worse with 10.7, as per Apples history, new OSes are filled with bugs and exploitable flaws.
Completely irrelevant. MacDefender doesn't take advantage of any flaw or bug in OS X. The only flaw in play here is people's gullibility.
I wouldn't be surprised if the entire thing weren't stage-managed by Apple to give them an argument in favour of a move to an iOS-style Mac App Store-only software model. (Jailbreak your Mac, anyone?)
Here we go again - people running out of real arguments against apple clinging to stupid claims like this ....
You have to install this yourself.... it is NOT a virus... but maleware.
Not sure exactly how OSX is less secure? Maleware has been around for years for OSX.... just don't install the damn thing!
Maleware? What's maleware? Sounds like a line of men's lingerie. :confused:
This doesn't bode well for Lion's release. Even if these threats don't indicate a material problem with OS X, the fact that Apple has been baited into an arms war makes OS X look less secure.
What kind of logic is this?