Unless you’ve been in a cave recently, you’ve probably heard of Apple’s recent problems with malware…
That’s right, the company that always touted that they were untouchable when it came to malware. Most people agreed that since they has a small market share compared to Microsoft, who would bother with virus attacks on them? Well, someone finally did.
Of course Mac’s have been subject to malware for some time, but most anti-virus software did a decent job. The current attack is called Mac Defender (or MacProtector, MacSecurity), although it has since changed its name and the way it infects the user’s computer.
It’s been out for almost a month now. The first variation, Mac Defender, prompted the user for an administrator password. Once that was provided, the virus installed itself and then deleted the executable program.
Within hours of Apple announcing to users a fix on their support site, a new variation of the virus was launched that did not require the administrator password. As long as the administrator was logged in, the fake anti-virus program would “detect” malicious software and open the installer automatically. The user would just have to click ‘continue’ to start the installation. Windows users are probably used to the rogue anti-virus or fake anti-virus malware that have plagued Windows machines and grown in popularity the last few years. That’s essentially what this is. It’s now known as MacGuard.
Apparently, Mac users are getting the virus when going to a website that ranks very well in search engines, and unbeknown to them, it’s being installed. I searched Apple’s support site for “MacGuard” but didn’t find anything. They still have the support for MacDefender, which as I described above, is mostly irrelevant now. They uninstall process might be the same, but the virus will install itself without a password, making it trickier for users to detect that it’s malware.
Intego, developers of security software for Mac, presume MacGuard’s overall purpose is to obtain credit card numbers or setting a foundation for future attacks. If you watch videos on Mac Guard, you will see the option to pay for the fake software. Whether it charges the card or just steals the number, I’m not sure.
Experts believe Apple is behind the curve, they haven’t had to battle with hackers and malware developers as much. Windows is seasoned. We all hated the UAC warnings that would pop up in Windows Vista asking our permission for everything. This was fixed in Windows 7. There’s little interruption. The fact is, there’s always a balance between security and usability. In Vista we saw too much security, for good reason I’m sure, but user experience suffered. Apple for the most part denied the fact their machines could get infected, and praised it’s usability. It looks like they’re going to have to go through the same painful lessons Microsoft has.
It seems many Mac users don’t seem as secure and “in the clear” as they used to. I’ve even read reports of the Genius Bar turning people away that have MacDefender. This definitely isn’t the last we’ve seen of this.