MACDefender seems to have been successful because of the work its creators did to make it appear high up in search results.

Some folks around here would probably like details ;)

I've always said the Mac was only secure because of it's relative obscurity in low numbers and now that Apple has managed to improve market penetration, so have the hackers.

People will be scrambling for Norton for Mac now.

Enjoy!

wondering where all the smarty pants are now that always jump on windows security issues claiming Mac did it right... bwahahahaha

oh but all the mac people will tell you a Mac can't get viruses and malware, even apple will tell you the same thing in their commercials

:-P

J_RaD, only the ignorant people will say that. Just like on any platform.

Some folks around here would probably like details

Reports I have seen suggest that it has been exploiting high Google rankings for searches as diverse as "Osama bin Laden", "Mothers' Day" and "Frank Lloyd Wright". Google Image searches seem to be particularly affected. I have yet to see anyone blame a panda.

The host site apparently uses a pop-up window claiming infections have been detected and offering a scan - the scan (actually an animation) takes a few seconds and in some reports claims that viruses have been detected on the C drive (seriously).

Some variants do an immediate drive-by download of a .zip archive that may automatically be opened depending upon browser settings. Safari, Chrome and Firefox have all been cited.

It is not a virus. It is scareware and has to be installed manually. I have seen no reports of any actual system damage, though some people have paid for the program by credit card.

Removal is done by terminating the active process in Activity Monitor before deleting the application and any associated files found with a basic search.

Comments on various forums unsurprisingly confirm that idiots who own Macs are just as stupid as idiots who habitually use other platforms.

Enjoy!

Thank you.

...

Yeah, I did say it was scamware. ;)

Either way, as was rightly indicated, this will get worse as iPads/tablets and Android, etc., take off.

It is not a virus. It is scareware and has to be installed manually.

Many viruses have to be installed manually as well, such as clicking the file attachment in the email.

It's more often human stupidity spreading a virus or a botnet than an actual OS vulnerability because people are stupid, naive and greedy and will often fall for anything like "click here to get your $500 Walmart gift certificate"

this will get worse as iPads/tablets and Android, etc., take off

My understanding is that the same scamware (presumably under a different name) is also available for Windows, where a couple of hundred victims might be deemed insignificant.

What struck me here was how easily Google Image search is being exploited.

...

where a couple of hundred victims might be deemed insignificant.

More than that have encountered this issue. The hundreds mentioned in the article are only the ones who have turned to the forums for help. ;)

+1 for incredibill. False sense of security and all that. It doesn't mean that Macs are as insecure as Windows. Just that hackers/scammers are turning to the next ripe target. I don't think any OS or device is hacker or exploit proof.

I don't think any OS or device is hacker or exploit proof

I entirely agree.

But having looked at quite a lot of user reports, almost without exception those who knew how they had been infected with this particular nasty mentioned Google Image Search, and that is what I found most interesting.

...

An AppleCare support rep says this [zdnet.com] about what they're supposed to do about MacDefender when customers call them for help:

Our notice for Mac Defender is that we’re not supposed to help customers remove malware from their computer.

To be fair, the anonymous source continues:

"We give them links to Norton. McAfee, and Sophos."

All are reportedly effective in this case. Only one is free for home use, however.

A similar policy seems to apply at Apple stores, where staff are apparently instructed not to remove malware themselves (presumably because doing so is not covered in the customer "care plan") but to recommend the installation of reputable antivirus software.

Some of which may conveniently be available for purchase on the spot, of course.

Meanwhile, the "SEO poisoning" of Google Image Search seems to be a hot topic in its own right, and one which probably deserves its own (cross-platform) thread:

[krebsonsecurity.com...]

...

but to recommend the installation of reputable antivirus software.

Some of which may conveniently be available for purchase on the spot, of course.

OUCH, to add insult to injury they don't fix your problem and SELL your something else.

I guess its better then saying, oh your imac got infected shoot just toss it and buy another one.

Looks like another even more insidious phishing email is out:

We've received a number of warnings from readers over the last couple of weeks about fraudulent emails that look a lot like official Apple emails. These emails are structured just like Apple's promotional emails, but are actually attempts to lure unsuspecting customers into entering their Apple IDs and other personal information. Such so called "phishing" attempts are common and readers should be wary about following links from any emails.

[macrumors.com...]

Apple has published instructions on how to remove the Mac Defender malware:

[support.apple.com...]

This MacDefender thing was on the local news today and they said Apple is going to release some sort of "fix", whatever that could be.

Here is some worthwhile information from our friends at SANS.org:
[isc.sans.org...]

Users must be active in the install to have to worry about this malware. It pretends to a "useful" program. It's mostly social engineering. So, to answer the question in the initial post, "Is the Mac now fare game? It used to be reasonably clear of scamware," I would say no more or less than before.

incrediBILL said...

I've always said the Mac was only secure because of it's relative obscurity in low numbers and now that Apple has managed to improve market penetration, so have the hackers.

wondering where all the smarty pants are now that always jump on windows security issues claiming Mac did it right... bwahahahaha

This smarty pants, for one, is right here, still very, very happy not to have all of the pain and suffering caused by the sloppy work of Windows. You can continue to believe the myth that Apple's OS is not superior in the real world, but that's not going to make it true.

security by obscurity.... isn't security at all, and they've been waving that flag wayyyyy to long, only a matter of time until someone paid attention to all of these unlocked doors.