
Apple Acknowledges Mac Defender Malware, Promises Mac OS X Update


The Huffington Post   First Posted: 05/25/11 09:42 AM ET Updated: 07/25/11 06:12 AM ET

Apple acknowledged in a statement that Mac Defender malware, a phishing scam that tries to trick users into giving their credit card information, could have affected between 60,000 and 125,000 users. The company posted a new support document providing users with information as to how the malware can be identified and removed and noted that Apple will also issue a Mac OS X update to resolve the issue.

"A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus," the press release from Apple said. "The user is then offered Mac Defender 'anti-virus' software to solve the issue. This 'anti-virus' software is malware (i.e. malicious software). Its ultimate goal is to get the user's credit card information which may be used for fraudulent purposes."

Apple also provided step-by-step instructions on how to avoid or remove the malware, and promised a software update in the next few days.

"In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants," the document said. "The update will also help protect users by providing an explicit warning if they download this malware."

Apple's release comes shortly after the Mac Defender malware issue first started to spike. At the time, the company told support staff not to help customers who came to them with the malware, or even to admit to the existence of such malware.

Read full instructions on how to avoid or remove Mac Defender malware here or on TUAW here.

HUFFPOST SUPER USER
Brian Berneker
I have an opinion and I'm not afraid to state it!
11:51 AM on 05/27/2011
I wonder why this malware hasn't yet resulted in a class action fraud lawsuit against the company releasing this trojan? It's not like they aren't revealing their identity by asking you to buy their software "solution". It's been a huge P.I.T.A since it first reared its ugly head on Windows...
Eris23
Justice is in indefinite detention.
02:39 PM on 05/27/2011
You think it's that easy? Do a google search on "Fun Co." There's people complaining about them as of this year. I first saw a charge from them on my CC bill in 1998. Not knowing who they were, or what the $7 charge was, I simply disputed it with my CC company and never heard from them again. However, they've been successfully scamming people through multiple small total credit card charges for over a decade.
HUFFPOST SUPER USER
Dave Bee
A robot in disguise
06:07 PM on 05/26/2011
When I read the tech section headline entitled, "Apple Gets Honest About New Scam" I thought it would be an article about Apple coming clean that all their iJunk. One day maybe they'll come out and be honest about it.
HUFFPOST SUPER USER
TheNewsFix
02:39 PM on 05/26/2011
Mark me down in favor of putting a MANDATORY death penalty on even first-time offenses when someone is convicted of writing and distributing malware or virus software.
HUFFPOST COMMUNITY MODERATOR
WasteNJ
Democracy: (It's bad for business)
04:58 PM on 05/26/2011
One man's Terrorist is another man's Freedom Fighter

One man's Hacker is another man's IT Security Professional
HUFFPOST COMMUNITY MODERATOR
WasteNJ
Democracy: (It's bad for business)
02:00 PM on 05/26/2011
"Apple acknowledged in a statement that Mac Defender malware, a phishing scam that tries to trick users into giving their credit card information, could have affected between 60,000 and 125,000 users."

Hilarious! The problem is weeks old, and they now officially "acknowledge" it, after releasing an internal memo instructing tech staff not to fix the problem, and to lie to customers and "neither confirm nor deny" any problem. Now, they tell the end user to find the infection and delete it manually, and that "patch" is coming.

Here's a news flash for the Mac faithful, no single "patch" will stop you from being vulnerable to Malware. Macs have been hacked in less than 5 minutes through Safari for the last 5 years consecutively at the CanSecWest hacking comp each year. What's worse is that for three years, the same hackers used the same exact exploit; that means Apple knew about the vulnerability for years and did nothing, because the hacks used are given to the manufacturers at the end of the contest so they can fix their products.

Having run a couple of tech shops, it's amazing to think of a company telling its techs to lie to the customers. Now considering there is a service fee involved for any software repairs, (which this is), were these customers refunded after being lied to about not having Malware in the first place? Why would anybody tolerate that type of behavior?!
03:50 PM on 05/26/2011
How can any virus run through Safari? It doesn't stay open long enough.
HUFFPOST COMMUNITY MODERATOR
WasteNJ
Democracy: (It's bad for business)
04:55 PM on 05/26/2011
OK, here's the info you asked for. As you'll see, typically Safari is hacked in less time than the other entrants, whatever your take on the results is, you will see that Macs are practically no more secure than anything else is, at best.

This Year:
http://www.thinq.co.uk/2011/3/10/mac-os-x-windows-fall-pwn2own-contest/

Last Year:
http://news.cnet.com/8301-27080_3-20001126-245.html
Full Detail from Pwn2Own Competition:
http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010

Two years ago:
http://www.zdnet.com/blog/security/pwn2own-2009-safarimacbook-falls-in-seconds/2917
HUFFPOST SUPER USER
PhillyKing
01:47 PM on 05/26/2011
"Apple's release comes shortly after the Mac Defender malware issue first started to spike. At the time, the company told support staff not to help customers who came to them with the malware, or even to admit to the existence of such malware."

Where's "Captain Obvvious"??? he's gotta be on here defending this by now... i can't wait to hear how he twists this one ... *grabs popcorn*
HUFFPOST COMMUNITY MODERATOR
WasteNJ
Democracy: (It's bad for business)
02:01 PM on 05/26/2011
"Apple's release comes shortly after the Mac Defender malware issue first started to spike"

What's more, it's been over three weeks! That is an eternity in the Malware business.
HUFFPOST SUPER USER
Mydian01
two by two, hands of blue.
06:11 PM on 05/27/2011
weeks, eternity.. ah lawd save meh *swooon* get meh mah fainting couch. :P
HUFFPOST SUPER USER
amleth
big fan of humanity - very often disappointed
10:29 AM on 05/26/2011
I won't even say what you sound like . . . Get stuffed.
HUFFPOST SUPER USER
Lulo
Lord Snarkist I of Aragon
09:29 AM on 05/26/2011
Hey HuffPost...YOU HAVE COMMERCIAL SPAM IN HERE that has been flagged repeatedly. What the are you waiting to remove it? Take it down before some innocent user clicks or follows those links. Don't be a slacker.
HUFFPOST SUPER USER
JohnSawyer
arglebargy
09:11 AM on 05/26/2011
Apple's initial refusal to help people infected by "Mac Defender" malware, or to even acknowledge having heard of it, is pretty sleazy, but we've seen many instances of this since the Mac was released. Ever since I first started working on Macs in 1985, I've seen that it hasn't been unusual for Apple to deny the existence of problems that were obvious to everyone else, both software and hardware. I've been reading reports for years about people calling into Apple support with hardware problems that many other people had already called Apple about, being told "nobody's ever called Apple to report that problem". Apple's excuse, if pressed, often takes the form of "we need to gather enough information about a problem before we can make recommendations or an announcement on what we're going to do", but this is a pretty weak excuse for lying. While it's true that it's "their company" and they can do any weird thing they wish, it's also the right of people to be disgusted by this approach. The strange thing is, most of the time (more often than many other companies), Apple support is very helpful. It's kind of like a schizophrenic favorite uncle who gives you nice things, but every now and then, when one of these things breaks, does an about-face and says "Who cares?"
HUFFPOST SUPER USER
EAPrince
My other car is an Al'kesh
11:07 AM on 05/26/2011
I think much of it comes down to Apple not wanting to commit itself until it has a plan and usually an answer. Personally I agree that they should be better about getting out in front of these issues as soon as possible. Even if only to acknowledge them and say they're working on it.

The Mac Defender issue is a little unusual in that it's not technically Apple's problem. There is no security flaw or breach involved here. This is a case of a user knowingly installing software that they shouldn't. You can't do much to prevent a user from doing something they want to do. The 'fix' is simply to target this specific piece of software. I think they held off because they didn't want to validate this as a security issue, when it wasn't. Though you can see from headlines and comments to this article that this is exactly how uninformed people are reading it. It's kind of a no-win for Apple. It's not a flaw in their software, but they have to do something and in doing something they will be accused of being at fault in the first place.
HUFFPOST SUPER USER
jgeurian21
12:57 PM on 05/26/2011
I disagree that you can't do much to prevent a user knowingly installing malicious software. I have a program that maintains a database of such programs and will notify me if I am possibly installing such a program. Even the UAC in Windows 7 has the ability to flag possible malicious software. Even Microsoft Security Essentials has the ability to flag possible malicious software and it is a free product.
This comment has been removed due to violations of our [Guidelines]
HUFFPOST SUPER USER
JohnSawyer
arglebargy
08:11 AM on 05/26/2011
I'm curious: How does the argument that there's little malware for OS X, because the marketshare for the Mac is too small for hackers to bother with, account for the fact that, prior to OS X, when the Mac had a much smaller marketshare vs Windows PCs than it does now, that there were quite a few viruses freely in the wild for pre-X, but when OS X was released, the number dropped immediately to zero, and has been extremely small since then? I can tell you that dealing with viruses prior to OS X was sometimes no picnic. When OS X was released, all that ended. The only malware I've personally seen since then, on Macs running OS X, has been Windows viruses contained within files from Windows PCs, which of course don't infect OS X.

White papers were published some years ago, which explained how Apple had written routines into OS X which prevent it from being nearly as easily infected by viruses hiding in files, etc. (which doesn't include attacks via social engineering which tricks some users into overriding safeguards) as Windows. I've never seen an explanation from anyone claiming that Windows and OS X are equally susceptible to viruses, or that the Mac's smaller market share is the explanation, describe from an informed and detailed technical viewpoint, their understanding of these particular parts of each OS, nor addressing how Windows originally was designed with less security in order to make some things easier on programmers.
HUFFPOST SUPER USER
EAPrince
My other car is an Al'kesh
11:18 AM on 05/26/2011
One thing that makes a huge difference is the Unix underpinnings of OS X. Even an Admin level user has to authenticate to install software, change certain settings or delete system level files. And even an Admin level user cannot see the contents of other users' profiles. Under most versions of Windows, an admin user can see everything. It's also easier to delete files you shouldn't. I think the requirement to enter your password to OK something is far more likely to stop you from doing something stupid than simply clicking an 'Allow' button.

What all this does as far as trojans, malware and viruses is make it more difficult for the nefarious program to do very much without triggering authentication prompts or being blocked altogether. Not impossible, but difficult. It's also easier under OS X to operate as a basic user, without admin rights, which gives the OS much more protection.
HUFFPOST COMMUNITY MODERATOR
WasteNJ
Democracy: (It's bad for business)
02:04 PM on 05/26/2011
Remote script execution is done in OS-X through the browser, Safari is the vulnerable point, Java in Safari to be exact. But that ain't the only way in....

http://cybernetnews.com/in-2-minutes-you-can/
Eris23
Justice is in indefinite detention.
02:50 PM on 05/27/2011
Times changed. That's really it. Any completely new OS is going to have "zero viruses" at the start. The same could have been said for XP Pro x64. However, by the time OS X and XP came out, the culture of computer viruses had completely changed. Yes, in the earlier days, you'd find viruses for both DOS and Mac OS. However, they were largely being written by younger coders that were often in ego wars with other virus coders and merely trying to make a name for themselves in that corner of the underground. Once the internet and e-commerce came into play, virus coders were more about making money and were often connected to organized crime.

Thus, for the new days, the "market share" point makes a lot of sense, as absolutely no malware coder looking to harvest passwords or financial data assumes that their program will be undetectable forever, if even for a long time. Thus, you hit up the biggest pool.
HUFFPOST SUPER USER
Lulo
Lord Snarkist I of Aragon
06:49 AM on 05/26/2011
Now and then I run Clam AV just to check....and I decided to do it again this week just to check.

THE RESULTS:

Mac OS X - Snow Leopard (primary):

Windows Trojan Horses: 32. Most from email attachments from Windows documents.
Windows Viruses: 17. Most from email attachments from Windows documents.

Mac Trojan Horses or Viruses: 0

I also run the antivirus software in all my virtual boxes:

THE RESULTS:

UBUNTU (primary): 19 Windows trojan horses and 7 viruses. Most from email attachments from Windows documents.

No Linux viruses or trojan horses.

CENTOS (primary): 8 Windows trojan horses and 3 viruses. Most from email attachments from Windows documents.

No Linux viruses or trojan horses.

MAC Server: No viruses of any kind.

Windows XP: 19 trojan horses and 12 viruses. All from infected downloaded files.

Windows 7: 6 trojan horses. All from infected downloaded files.

CONCLUSIONS:

A) The hysteria over this latest malware attack is way overblown, fueled mostly by PC fanboys and technical writers looking to score hits for their sites.
B) Windows users are still the origin of most REAL viruses and trojan horses, which they pass around like the common cold.
C) Non-technical users are still the weak link regardless of which OS you are using.
D) Any NIX-based system is far less likely to get infected with a virus than Windows.

And now back to bash because I got a code freeze upon me and lots of GIT repos to update.
07:49 AM on 05/26/2011
Regardless of what Luli tries to tell you, NORMAL Joe Shmoes and their parents WILL be infected by a Mac virus/trojan because they've been told by smug people like CaptianObvious and Lucyli just because THEY have run Macs for years without any issues and there is no such thing as a mac virus or trojan, that the world is safe. LIES. These malware developers are exploiting the less knowledgeable. These are no different than companies scamming unknowing people out of cash. News flash LillyLo, malware people aren't going after you. They're going after your grandmother who you convinced to buy a Mac out of sheer loyalty. Sooner or later those so called "email attachments" will be branded for Macs too. Actually they already have. Warn your little granny.

Lastly, I find it ironic you're running ClamAV on a Mac. Also, I'm not sure which sites you are frequenting or have signed up to receive emails for but I haven't received an email attachment in years from a malware developer. The most spam people get these days is for Canadian drugs, fake shoes and a Nigerian prince. So what sites you digging into on your free time? Or, is it the fact you are LYING, considering a lot of malware is shifting over to social networking and site-specific account phishing (eg. PSN, banks, WOW accounts). Granted, it's ok to have brand loyalty, but to blindly lie doesn't make you look like a good person. Your granny would appreciate that.
HUFFPOST SUPER USER
JohnSawyer
arglebargy
08:50 AM on 05/26/2011
"Sooner or later": ten years seems a long time to be calling "sooner". This sounds a lot like the "end of the world sooner or later" predictions we've been hearing about again lately. I can believe occasional small earthquakes, bad weather, etc., but not doomsday.

As for email attachments "branded" for Macs too, already being out there, can you cite instances of any significance?

While phishing attacks, and other attacks not of the classic virus variety, are of concern and need to be publicized more, Lulo not referencing them isn't a sign of some conspiracy on his part to promote malware. The virus numbers Lulo cites aren't made-up, and hence do have more meaning than you attribute to them. If you're running antivirus software on your computer (presumably not a Mac), then your stewardship of your computer is to be commended, and may be a partial explanation for your not seeing the number of infected emails as Lulo is seeing--presumably they're being eradicated from your computer on the fly. But since Lulo uses OS X, Ubuntu, and Centos, he's not running a background-scanning antivirus utility (which ClamAV isn't), and hence the Windows viruses collect on his computer and stick around for a while, since they're not being actively removed from his OSs, and since they don't infect his OSs, they don't draw attention to themselves. Also, infected emails usually don't arrive directly from malware authors, but from normal users whose OSs and apps have been infected.
HUFFPOST SUPER USER
Mydian01
two by two, hands of blue.
12:34 PM on 05/26/2011
reread conclusion A
HUFFPOST SUPER USER
archanjo
fullapureDfunk
04:28 AM on 05/26/2011
I am not as big a fan of Macs as I once was. Their core intent has changed. But on the Malware Front, this was a successful phishing expedition that was easily fixed, unlike the 100 or more new malware profiles Aware updates for the PC every week.

To me, a computer should be as reliable as a stove or toaster. Heat, cook, eat....
02:53 AM on 05/26/2011
"Apple's release comes shortly after the Mac Defender malware issue first started to spike. At the time, the company told support staff not to help customers who came to them with the malware, or even to admit to the existence of such malware."

Yet another reason not to buy an Apple. I guess if they admitted they got malwared they would have to rewrite all the ads saying they are malware and virus proof. Apple and their cult of users are way deep in denial.
HUFFPOST SUPER USER
ilovedessert
02:12 AM on 05/26/2011
It sure took Apple long enough! They stuck their head in the sand and thought the issue would just go away!
07:50 AM on 05/26/2011
that's the apple way. Frail $teve Job$ closes his beady little eyes and hopes it'll all just go away. When it doesn't, he lashes out like an egomaniac.
HUFFPOST SUPER USER
Mydian01
two by two, hands of blue.
12:35 PM on 05/26/2011
only person i see lashing out is you.
HUFFPOST SUPER USER
PhillyKing
01:55 PM on 05/26/2011
dude... i hate on apple fanbois all day long... but there's no need for "Frail Steve Jobs" to be mentioned like that... it looks petty.
01:37 AM on 05/26/2011
Typical mac user reasons like this
Viruses are for PC
Macs DON'T get viruses
therefore
Macs are secure
HUFFPOST SUPER USER
Mydian01
two by two, hands of blue.
12:36 PM on 05/26/2011
1 < 10,000,000
02:12 AM on 05/27/2011
1 = 90% market share, 10,000,000 = 7.4% market share
therefore
1>10,000,000
your variables are incorrectly declared