- Joined
- Feb 24, 2011
- Messages
- 3,733
- Reaction score
- 124
- Points
- 63
- Location
- Maryland
- Your Mac's Specs
- March 2011 15" MBP 2.3GHz i7 Quad Core 8GB Ram | Mid 2011 27" iMac 3.4 GHz i7 16 GB RAM 2 TB HDD
Mac Guard - New Mac Defender malware variant drops admin password requirement
Figured I'd give this its own thread - just so folks who don't read the nerd sites that I do will see it.
New Mac Defender malware variant drops admin password requirement
Figured I'd give this its own thread - just so folks who don't read the nerd sites that I do will see it.
New Mac Defender malware variant drops admin password requirement
When we spoke with Intego spokesperson Peter James last week, he pointed out that he initially saw a new Mac Defender variant every 12 to 24 hours, but eventually stopped seeing new versions. He warned that the creators could be revamping the malware to stay under the radar of legit antivirus software or to find new ways to poison users' machines. Now with the availability of Mac Guard, that indeed seems to be the case.
"Unlike the previous variants of this fake antivirus, no administrator’s password is required to install this program. Since any user can install software in the Applications folder, a password is not needed," Intego wrote on its blog. "This package installs an application—the downloader—named avRunner, which then launches automatically. At the same time, the installation package deletes itself from the user’s Mac, so no traces of the original installer are left behind."
Once again, the company advises users to turn off "Open 'safe' files after downloading" in their Safari preferences, since this malware (and others like it) are making their way onto users' computers via maliciously crafted URLs.