Linked by Thom Holwerda on Wed 25th May 2011 17:02 UTC, submitted by kaiwai
Mac OS X Well, it took them long enough. Apple has finally acknowledged the existence of the MAC Defender trojan, and has offered removal instructions. The company has also promised a security update to Mac OS X that will block MAC Defender and its variants from working. All this information was published in the form of a support document on Apple's website. Update: Well, that was fast. A new variant of the trojan, called Mac Guard, has been discovered. Unlike previous variants, this one does not require users to enter their administrative password.
Thread beginning with comment 474701
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: :)
by pantheraleo on Thu 26th May 2011 13:54 UTC in reply to "RE[2]: :)"
Member since:

I would wager that most people would say closing a program and dragging it to the trash, etc, is a FAR FAR FAR less major problem to get rid of than having to erase/reformat/reinstall your whole operating system and all your software, as is the Windows method of Defender removal.

Uh no? Windows virus removal almost never requires an erase / reformt / reinstall. The only time you need to do that is if an attacker has managed to get root / administrator privileges on your system. But that's true of any OS, including OS X. Once you have been rooted, you can't trust any of the software on your system because you have no way of knowing for sure which files the attacker touched. Important system utilities that could detect problems might have been replaced by trojans. And that includes OS X. For example the "ps" command is replaced by one that will not list the rogue processes, the who command is replaced by one that will not show the attacker listed as being logged in, etc.

Edited 2011-05-26 13:57 UTC

Reply Parent Score: 2