MacDefender evolves, cat-and-mouse security comes to Mac

Even if MacDefender goes away, it has changed the Apple security game forever.

Mac users and those who offer administration and support to them find themselves in the security rat race for the first time, as MacDefender scareware has rapidly adapted to avoid Apple's detection.

On Tuesday afternoon, Apple released a long-awaited security update for Mac OS X 10.6 Snow Leopard, designed to detect and eliminate known versions of the malware, which has been making the rounds for a month now.

Mac users installed the update, which didn't even require a reboot, then breathed a collective sign of relief, and went about their business, thinking their machines about as secure as prior to the outbreak.

That peace of mind lasted, potentially, about eight hours, as malware developers released a new version designed to side-step Apple's updated malware definitions. Under normal conditions, MacDefender was back in business, installing itself unnoticed and going about its business.

Fortunately for Mac users, Apple seemingly predicted this kind of a shell game in designing the security update (and why not, since this kind of game has been the norm in PC malware design and prevention for years). Then it redesigned its anti-malware system to check for new signatures on startup or every 24 hours. By Thursday morning, Apple had returned the malware creator's volley, detecting the new version of MacDefender and eliminating it. Mac users now wait for the bad guys to respond. Wash, rinse, repeat. Ad infinitum.

Of course, there's still a lot small businesses can do to make sure they're protected beyond relying on Apple's nightly signature updates. Along with keeping software as up-to-date as possible, common sense goes a long way. Educating users not to fall for a scareware attack like MacDefender is a great first step, and is particularly important with Mac users, many of whom have been taught by the community, experience and Apple's marketing department that they are impervious to malware. Some other common-sense steps will help keep users clear of MacDefender and its ilk of attacks as well, and PCWorld has a full survival guide for Mac users concerned with MacDefender.

Here's one quibble with how Apple deals with malware detection. Upon detection of MacDefender or any other known bit of malware, OS X pops up a box, telling users the file they've just downloaded "will damage your computer. You should move it to the Trash." It then provides details of when and where the file was downloaded, and with what it is infected. Users then have the option to move the file to the trash (the default selected option), cancel, or open. Wait...what? Open?

Coming from a company that, if given a choice, will opt for a unified user experience at the expense of user options every time, it seems odd that OS X will perfectly happily allow you the chance to infect yourself knowingly if you so choose. If there's any time for a platform to get tyrannical with its users, this is it. Especially for a community that is largely unaccustomed to the day-to-day issues of dealing with malware, "The file you have downloaded contains malware. It has been deleted," would have been an appropriate and welcome response here.

For now, though, the Mac world awaits MacDefender's next move. Will new versions continue to pop up daily, prompting daily updates of Apple's detection signatures? Will its developers get tired of the grind and move on to the next target? Will the high profile of MacDefender signal a new opportunity for other hackers and cyber-criminals to go after?

Nobody knows for sure at this point. What we do know is that Mac users are now in on the security arms race that has dominated the Windows lifestyle for years, and there's no going back.

Join the PC World newsletter!

Error: Please check your email address.

Tags MacApplespamvirusessecurityhardware systemsdesktop pcsphishing

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert Dutt

PC World (US online)
Show Comments

Essentials

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?