Malware alert: MAC Defender
#1
I didn't see anything about this yet, but I've had a few clients with this software on their machines. So I figured I'd post this link discussing MAC Defender (the latest attempt at malware on the Mac), which also includes some instructions on how to remove it.
Remove Mac Defender (Uninstall Guide)
Even after removing it manually I've run a scan with ClamXav (linked here) on some machines, which will sometimes find and remove a few remnants of the software.
Hope none of you guys get infected/give the software your information. But hopefully this helps just in case.
#2
One would have to be quite exceedingly silly to install such software. As such, exploit by user error is one of the few ways the OS can be compromised.
If you were silly enough to do so, you're better off reinstalling, recovering your data, and not doing that again.
#4
Due to the simplistic nature of this piece of malware (and its subsequent ease of removal) there is no reason to reinstall. It isn't like Windows malware, which can cause all sorts of hidden issues.
Just figured this thread would help if anyone or their friends/family were to accidentally install this stuff.
#5
Due to the simplistic nature of this piece of malware (and its subsequent ease of removal) there is no reason to reinstall. It isn't like Windows malware, which can cause all sorts of hidden issues.
#6
Apple has gone to fairly significant lengths to prevent inadvertent root access to the system -- all but the truly clueless generally question running something with such permissions downloaded from a website they do not trust.
Trusting a system to any hostile script or program that has been given superuser access is an extremely bad idea. Assuming "oh, well, I got everything" is just a bad practice and should not be applied to any system with any kind of sensitive data on it.
How would you ensure that your data is clean after a reinstall? PC viruses and malware will often infect pieces of user data so that even if it were to be moved over to the machine after a reinstall, the virus would still be there. This virus isn't malicious enough to do any damage to a user's system or infect their files. A simple manual deletion and a scan with your Mac antivirus of choice is more than enough (shoot, even doing a Spotlight search and delete for all of the files associated will work fine with this one).
Either way, this is useful information for all users to have, as it is the first truly widespread piece of malware for OS X. Having the knowledge that this is out there will hopefully make people more cautious (or at least safety conscious) about their downloading and browsing habits.
#7
Rather ironically, running such things up the flag pole only makes the uninformed more likely to install random "anti virus" software they don't need.
#8
It's an ehh solution to a problem that should never exist in the first place - whoever gives up their password at every OS prompt without giving it a second thought are the sort of users who shouldn't have been given the super user password for their computer to begin with . . .
#9
In fact it is not. There have been several social engineering based exploits in the past, and it remains the only widely available avenue to compromise OS X. Drawing significant attention to it as though it is OMG MAC VIRUS!!11oneone is rather silly, especially given that Apple has placed numerous safeguards into the OS to prevent people from being engineered into doing something they should not.
Rather ironically, running such things up the flag pole only makes the uninformed more likely to install random "anti virus" software they don't need.
I don't see this as fear mongering or scaring people into being "safe." I see this as a way to let people know what is out there and to help them be more aware of what sort of things they may potentially be giving their admin password to. I would agree that AV software is not yet needed on the Mac, but ClamXav doesn't run all the time, so it doesn't hurt to have it installed (it is what I recommended in the first post if someone were to feel the need to have AV software).