• This forum is for posting news stories or links from rumor sites. When you start a thread, please include a link to the site you're referencing.

    THIS IS NOT A FORUM TO ASK "WHAT IF?" TYPE QUESTIONS.

    THIS IS NOT A FORUM FOR ASKING QUESTIONS ABOUT HOW TO USE YOUR MAC OR SOFTWARE.

    This is a NEWS and RUMORS forum as the name implies. If your thread is neither of those things, then please find the appropriate forum to ask your question.

    If you don't have a link to a news story, do not post the thread here.

    If you don't follow these rules, then your post may be deleted.

Upcoming MacDefender patch is not the first AV tweak to Mac OS X

OneMoreThing...

OneMoreThing...


Joined
Mar 30, 2005
Messages
9,571
Reaction score
25
Points
48
Upcoming MacDefender patch is not the first AV tweak to Mac OS X

mac-logo52611.jpg
This upcoming MacDefender patch is not the first time Apple has tweaked Mac OS X in response to a malware threat. Many people forgot that recent versions of OS X were designed with a built-in malware detection system. Mac OS X 10.4 and 10.5 Leopard had a validation system called File Quarantine. In Leopard, it triggered a warning dialog box when you opened a file that was downloaded from your browser, email client or iChat. OS X 10.6 Snow Leopard improved upon File Quarantine by adding a system to check files against known malware definitions. These definitions were stored in the XProtect.plist file.

Just last year, the 10.6.4 release of Snow Leopard contained a malware tweak to detect a backdoor Trojan horse. This fix was not mentioned in the OS X documentation but security firm Sophos noticed a new entry in the XProtect.plist file for the Pinhead-B threat. This Trojan horse was distributed as a ripped copy of iPhoto. If you installed the fake program, hackers could use your Mac to send spam, take screenshots or snoop through your files.

Unlike the MacDefender threat, the iPhoto Trojan horse was dismissed by the Mac community. Infected people were pirating software and brought this upon themselves. MacDefender, though, is a whole new ballgame. People encounter it while innocently browsing the web and are easily duped into believing the Apple Security Center is real. It's not the apocalypse, but it's definitely a wake up call.

[Via Sophos and Macworld]

Upcoming MacDefender patch is not the first AV tweak to Mac OS X originally appeared on TUAW on Thu, 26 May 2011 09:00:00 EST. Please see our terms for use of feeds.




SourceÂ*|Â*PermalinkÂ*|Â*Email thisÂ*|Â*Comments
Click to expand...

Read more
 
Buzzard2010

Buzzard2010


Joined
Oct 22, 2010
Messages
2,571
Reaction score
79
Points
48
Location
Bretforton, Worcestershire
Your Mac's Specs
MacBook Pro 15" 2014, 2.2GHz i7, 16GB RAM, 250GB SSD, OSX 10.9.5 - iPhone 5s 16gb
It's not the apocalypse, but it's definitely a wake up call.
Click to expand...
A wake up call to people who pirate software or just don't use common sense!

- Simon
 
Shikarnov

Shikarnov


Joined
Feb 26, 2008
Messages
542
Reaction score
25
Points
28
I tend to think it's something which we all should be concerned about. Yes, right now we're talking about pirated iLife apps or users that play fast and loose with their password. But this is just proof of concept stuff.

On Windows, spyware and the like got a good start by bundling with small, but legitimate, free or low-cost apps looking to earn some kind of revenue. As the platform increases in popularity, I can see this kind of thing manifesting itself on OSX.

For example, a few months ago, I needed to create an animated GIF. There are plenty of programs out there for $20, but eventually I found GIFQuickMaker, which is both free, and delightfully easy. I downloaded it, it did what I needed, and I never used it again. Could I have spent $20, sure. But for the 2 minute job I needed, $20 wasn't worth it.

I can imagine many more people -- likely Windows transplants like me -- thinking similarly and looking for similar tools. And when something bad is embedded inside something good (a real trojan horse, not like MacDefender that merely plays on user stupidity to get installed), then it's not about pirates or noobs anymore. And that's the wake up call.
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top