Apple Promises Software Update to Kill ‘MacDefender’ Malware

Apple’s MacBook Air ships with Mac OS X Snow Leopard. Photo: Jon Snyder/Wired.com

Apple has published instructions on removing a piece of malicious software that targeted Mac customers. The company claims that an upcoming Mac software update will remove the malware from infected systems.

In a bulletin published Tuesday evening, Apple listed steps to remove the malware, and added that an upcoming software update for Mac OS X would detect and remove the malware, as well. The OS X update will also warn customers if they click on the malware’s Install button, according to Apple.

The malware, called MacDefender, MacProtector or MacSecurity, manipulated customers with a web pop-up warning them that they were infected with a virus. The malware promised to remove the virus, but once installed, it sporadically loaded porn-popups on the computer. The ultimate goal of the malware was to steal credit-card information by convincing people to pay for the fake antivirus software.

Wired.com last week reported an uptick in the number of customers reporting malware-infected machines on Apple support forums and to Apple support technicians. MacDefender was the main culprit among the reports.

The growing presence of MacDefender renewed a timeless debate about the state of Mac security versus Windows security. Security researcher Charlie Miller told Wired.com that while he believed the malware problem was growing worse on the Mac, it’s still a small threat compared to malware on Windows.

Miller and many security researchers agree that the Mac architecture is not inherently more secure than Windows to make it invulnerable from viruses; the idea that Macs can’t get viruses is a myth. The simple explanation is that few virus makers target the Mac platform because it has such small market share compared to Windows.

Apple’s software update and security bulletin provide evidence that a considerable number of customers were affected. However, it’s impossible to know just how many, because Apple has not responded to press inquiries about MacDefender.

ZDNet’s Ed Bott, who was first to discover numerous complaints about MacDefender, claims that one AppleCare agent said 50 percent of calls to the support hotline two weeks ago were related to MacDefender. He also claims that AppleCare receives between 10,000 and 20,000 calls a day, and because MacDefender has been making the rounds for the past 25 days, he estimates between 60,000 and 125,000 Mac customers have reported being infected by the malware.

Just because Apple is issuing a software update does not mean the threat of MacDefender is completely squashed. In an e-mail to Wired.com, ESET security noted that the MacDefender malware continues to evolve in appearance and name to fool naive customers.

“The malware’s name is going to change continuously, and it’s likely the user interface will, as well,” said Dan Clark, vice president of marketing at ESET.

Clark wrote a blog post with screenshots showing what the malware looks like when attempting to infect a machine.

See Also:

Article source: http://www.wired.com/gadgetlab/2011/05/apple-malware

View full post on National Cyber Security » Virus/Malware/Worms

Leave a Reply