Date: Thursday, June 2nd, 2011, 04:10
Category: News, security, Software
Only one day after Apple released a security update for Mac OS X to address the “MAC Defender” malware, a new variant of the bogus antivirus software has been spotted in the wild.
Per ZDNet, the new variation of MAC Defender, named “Mdinstall.pkg,” has been crafted to bypass the new malware-blocking code made available by Apple. That update for Mac OS X, Security Update 2011-003, was released on Tuesday.
“The file has a date and time stamp from last night at 9:24PM Pacific time,” Bott wrote. That’s less than 8 hours after Apple’s security update was released. On a test system using Safari with default settings, it behaved exactly as before, beginning the installation process with no password required.
“As PC virus experts know, this cat-and-mouse game can go on indefinitely. Your move, Apple.”
Security Update 2011-003 included changes to the File Quarantine feature found in Mac OS X 10.6 Snow Leopard. It includes anti-malware definitions within the operating system itself, and examines external files downloaded within Mail, iChat, Safari, or other quarantine-aware applications.
Some reports have suggested that the “MAC Defender” malware has spread quickly, with Bott earlier citing an anonymous AppleCare representative that apparently said the “overwhelming majority” of recent calls to Apple were related to the malware. Last week, Apple posted instructions on its site informing users on how to remove the malware.
Stay tuned for additional details as they become available.
- Apple releases Java for Mac OS X 10.6 Update 16
- iPhone case hints at thicker, rounder design for upcoming low-cost iPhone
- AT&T updates carrier settings, pushes Wireless Emergency Alerts
- Sprint adds 4G LTE access to 22 additional U.S. cities
- Adobe releases Creative Cloud apps into wild, offers discounts