New breed of Mac Defender skips past Apple's latest patch

Apple and its customers must accept that Macs aren't bulletproof and are now worth hackers' time

Mac OS X users who went to sleep Tuesday feeling secure that their machines were safe against Mac Defender may be in for a jarring wakeup call: A new variant of the infamous Trojan that can slip past Apple's long-awaited security update has already been spotted in the wild.

The news further blemishes Apple's reputation for cranking out impenetrable code, long a bragging point for the company and its devotees. It also signals that hackers and malware writers are starting to consider Apple's desktop platform a worthwhile target, thanks to its rise from relative obscurity (compared to Windows) to broader use.

The new version of Mac Defender bears a new name, Mdinstall.pkg, according to reports. As with the previous version of the Trojan, it dupes users into installing "rogueware," basically fake antivirus software. Once installed, rogueware claims a personal computer is heavily infected with malware. It nags users with pervasive pop-ups and fake alerts until they fork over a fee to purchase the worthless program.

Though Mac Defender has garnered more attention than other malware targeting Mac OS X, it's not the first of its kind. Earlier this year, Sophos reported a Trojan dubbed "BlackHole RAT," which (among other things) taunted affected users that their machines weren't as secure as they thought. More recently, a do-it-yourself crimeware kit primed for Mac OS X emerged.

Hopefully Apple will come up with an updated signature soon to protect users from the new variant of Mac Defender. (June 2 update: In fact, Apple had an update the next day.) More important, the company and its users need to accept that Macs (and iPhones and iPads) are not immune to malware and thus must act accordingly. For users, that means embracing smart security practices, such as installing security software and using discretion when downloading unfamiliar apps. For Apple, it means acknowledging that Macs aren't bulletproof and not hiding that reality from its customers.

This story, "New breed of Mac Defender skips past Apple's latest patch," was originally published on the InfoWorld Tech Watch blog.


Copyright © 2011 IDG Communications, Inc.
