Mac malware already evades scareware security update

James Delahunty
1 Jun 2011 14:33

Mac users feel the pain of Windows users, caught in the middle of a cat-and-mouse game with malware authors.
It only took a few hours after Apple released an update to protect Mac users against recent MacDefender scareware attacks for a new variant to show up that is immune to the current targeted protection being offered by Apple.

A sophisticated social engineering attack that targets Google search results and Facebook has led to thousands of Mac users installing scareware products under the MacDefender umbrella. The scareware, like its Windows lookalikes, prompts users with a phony list of detected threats on the machine, and tries to scam credit card and other information from the user.
Apple had promised a fix for Mac users, and delivered one on Tuesday. The OS X update detects MacDefender variants and removes them, as well as detecting them before they can be installed by the user.

However, it is being reported that within eight hours of the update going live, a new variant was already doing the rounds that is "specifically formulated" to get around the security update.

Since Macs will now automatically look for an updated list of known threats every 24 hours, Apple has the ability to respond quickly to new variants. Some speculate that this is a taste of what is to come for Apple in the near future.

On Windows, scareware and other malware threats evolved over time to anticipate the countermeasures of Microsoft and the dozens of security firms that offer products to fight infection. It is common for malware to use self-protection mechanisms, such as blocking Windows updates in any of dozens of ways, and blocking communications with anti-malware servers to stop periodic legitimate A/V updates or access to A/V software.
