
A CAT AND MOUSE GAME has developed between Apple and bad guys looking to catch Mac OS X users with fake anti-virus software scams.
Last week Apple released a Mac OS X update that was meant to protect users against Macdefender malware targeting Mac users. People were being redirected from legitimate websites to fake ones claiming that their systems had a virus, which then offered them fake security software, for a price.
But criminals moved fast to get around Apple's barrier, creating new variants that slip past the File Quarantine function that is supposed to check files for safety. Mac security firm Intego published an alert about Macguard, which evaded Apple's signature-based malware detection system.
Following the appearance of this virus, Apple updated its XProtect malware definitions to defend users against the new variant. As security firms know well from experience on Windows, this back-and-forth game could go on in an endless cycle.
Intego wrote, "The cat and mouse game has begun. We will be following this closely, and testing all new variants as they appear. The people behind this malware have shown that they can react very quickly, and Apple has reacted rapidly as well."
Chester Wisniewski, a senior security advisor at Sophos, said the malware authors got around Apple's security detection by using a small downloader program to do the initial infection, which then retrieved the actual payload.
He said, "This approach may be successful as it will be easier for the malware authors to continually make small changes to the downloader program to evade detection while leaving the fake anti-virus program largely unchanged."
"Why is this important? Apple's XProtect is not a full anti-virus product with on-access scanning. XProtect only scans files that are marked by browsers and other tools as having been downloaded from the internet."
"If the bad guys can continually mutate the download, XProtect will not detect it and will not scan the files downloaded by this retrieval program."
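The gap described in the quotes above can be shown with a toy model. This is an added example, not code from the article, Apple or Sophos; the signature names, byte patterns and file names are constructed, and the two scanner functions are simplified stand-ins rather than XProtect's real logic.

```python
# Toy model (added example): all names, patterns and file contents are constructed.
from dataclasses import dataclass

# Constructed stand-ins for signature patterns; not real XProtect definitions.
SIGNATURES = {
    "downloader.A": b"DL-STUB-v1",
    "fake-av.payload": b"FAKEAV-CORE",
}

@dataclass
class File:
    name: str
    data: bytes
    quarantined: bool  # True when a browser or similar tool marked it as downloaded

def match(data):
    """Return the name of the first signature found in data, else None."""
    for name, pattern in SIGNATURES.items():
        if pattern in data:
            return name
    return None

def download_gate(f):
    """Download-time check: files without the download marking are never scanned."""
    if not f.quarantined:
        return "not scanned"
    hit = match(f.data)
    return f"blocked ({hit})" if hit else "allowed"

def on_access(f):
    """On-access scanner: every file is scanned, marked or not."""
    hit = match(f.data)
    return f"blocked ({hit})" if hit else "allowed"

def scenario():
    known = File("installer-old.pkg", b"..DL-STUB-v1..", quarantined=True)
    variant = File("installer-new.pkg", b"..DL-STUB-v2..", quarantined=True)
    # Written to disk by the downloader itself, so it carries no download marking.
    payload = File("payload.app", b"..FAKEAV-CORE..", quarantined=False)
    return {f.name: (download_gate(f), on_access(f)) for f in (known, variant, payload)}

if __name__ == "__main__":
    for name, (gate, access) in scenario().items():
        print(f"{name:18} gate={gate:26} on-access={access}")
```

The unchanged payload has a known signature, yet the download-time check never sees it; only the on-access model catches it.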
Altogether this is a good thing. I am an IT pro, I love my MacBook Pro, I love OS X, and I always felt it would be a good thing to force Apple into recognizing it is not as secure as they say it is. I spend tons of time securing my customers' Macs and I wish they were more secure from the get-go....
"@Tetagrama Seton: Also, in case You did not notice, Mac OS runs on a Linux variant, just like Ubuntu. I would strongly suggest You spend a little more time researching information before making claims, lest You lose credibility with Others."
OS X is a BSD variant, not Linux.
Linux, BSD, OS X, are all Unix derivatives.
"Those interested in staying ahead of the viri writers can always move to a Linux-based open source operating system like Ubuntu, but this requires some intelligence and I doubt Apple fanboys would have the courage."
I have several Linux distros and a couple BSD's on my iMac.
Does that mean I'm really really really intelligent, or only if I wipe OS X and BSD, and use Linux exclusively?
There seems to be no shortage of ass wipes on the interweb these days.
@Tetagrama Seton: Also, in case You did not notice, Mac OS runs on a Linux variant, just like Ubuntu. I would strongly suggest You spend a little more time researching information before making claims, lest You lose credibility with Others.
@Tetagrama Seton (and the original Author of the article): Not to burst Your bubble but the Macdefender malware is not a virus. A virus is a computer program that can copy itself and infect a computer. (Source: http://vx.netlux.org/lib/aas10.html) Conversely, Macdefender is scareware, to which Nobody to My knowledge has ever claimed any computer is immune. Please, get Your terms right; doing so is very important in pursuit of open, honest, and constructive discussions.
Now, with scareware, the same solution exists with unsolicited telephone calls requesting Your banking information: don't give it out and if You experience such a request, verify the authenticity with a trusted source.
It's about time iCrap fanboys faced what other computer users have been aware of: no operating system is safe and you have to fight to keep your system virus free. For the longest time technologically preliterate people were herded to overpriced mediocre hardware with the claims that "Mac computers are free from viruses". Viri writers could not be bothered given their numbers, but now that a larger number of computer users are considering the Apple possibility, it stands to reason that Macs should be targeted and they are so very open to attack given the complacency of Mr Jobs.
Those interested in staying ahead of the viri writers can always move to a Linux-based open source operating system like Ubuntu, but this requires some intelligence and I doubt Apple fanboys would have the courage.
Or do these anti virus firms seem to find these new variants awfully fast ;)