Feeds

Mac trojan evades Apple's brand new security fix

Welcome to the mass market, Cupertino

Website security in corporate America

Just hours after Apple issued a security update to protect Mac users against a rash of scareware attacks, a new variant began circulating that completely bypasses the malware-blocking measure.

The trojan arrives in a file called mdinstall.pkg and installs MacGuard, a malicious application that masquerades as security software the user needs to clean a Mac of some nasty infections said to be discovered during a recent hard drive scan. As reported repeatedly during recent days, a series of clever social engineering attacks on Google, Facebook and elsewhere have been besieging Mac users and tricking a fair percentage of them into installing the rogue antivirus packages.

On Tuesday, Apple updated OS X to detect MacDefender and its variants before users can install it, in what many are regarding as an admission by Cupertino that Mac fans, like users of Windows, need help keeping their machines free of malware. Underscoring that point, the purveyors of the Mac trojans responded, less than eight hours later, with the release of the latest MacGuard variant.

As ZDNet blogger Ed Bott pointed out, it “has been specifically formulated to skate past” Apple's just-released security update.

It's precisely the kind of cat-and-mouse fight that security companies and Windows malware purveyors have been waging for years. And now, it's coming to the Mac.

Now that Macs by default will update a list of known malicious applications every 24 hours, Apple has the ability to respond in kind. It will be interesting to see how long it takes for OS X to block the new variant. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.