Linked by HAL2001 on Thu 19th May 2011 12:10 UTC
Privacy, Security, Encryption "A little over two weeks have passed since the appearance of MAC Defender, the fake AV solution targeting Mac users. And seeing that the approach had considerable success, it can hardly come as a surprise that attackers chose to replicate it. This time, the name of the rogue AV is Mac Protector, and the downloaded Trojan contains two additional packages. As with MAC Defender, the application requires root privileges to get installed, so the user is asked to enter the password."
Permalink for comment 473754
To read all comments associated with this story, please click here.
RE: We told you so
by HackDefendr on Thu 19th May 2011 16:01 UTC in reply to "We told you so"
HackDefendr
Member since:
2010-05-21

Visualize this: I'm playing a tiny violin for you M$ devoted folks.

As mention by others...this virus still relies on the Mac owner to be running Safari with auto-open safe files enabled.

Guess what...in Chrome for Mac, the file just downloads. Which means now I have the source for this wanna be virus. And now, because I have forwarded that downloaded zip file, all of the anti-virus companies and researchers also have it.

So .. until the hackers can figure out how to trick Mac users beyond a simple download and hope that the user will not only open the file, but run it, and give admin privileges - Mac virus impact are still a long way off in comparison. Oh, I am sure there will be at least one, but comparatively, Mac users are more savvy and don't tend to get caught up in dumb phishing or fake av traps.

On a side note...closing what ever browser you are running stops the Fake AV from running and moving to the download phase.

Jeff

Reply Parent Score: 0