Ramblings of this guy you know!

Tech Stuff and random observations on life as I see it….

Tag Archives: MacGuard

Apple releases update to prevent MacDefender infection by enhancing OSX’s quarantine function, Security circumvented in less than a day.

I feel like I have been talking about MacDefender and MacGuard for a very long time now… Actually it’s only been through May but it feels longer. Today, the 31st of May 2011, Apple finally released the security patch it promised last week.

Security Update 2011-003 adds protection for Snow Leopard 10.6.7 users only; earlier versions of OSX are not supported. The update changes the Security section of Preferences to reflect changes to the File Quarantine feature, which is Apple’s version of antivirus software. It includes definitions for Mac Defender and its known variants, as well as an automated removal tool.


MacDefender leaps onto Facebook

In a desperate attempt to capture more victims before the latest Apple update kills MacDefender and MacGuard dead once and for all (for now anyway), the Mac malware has made the leap to Facebook and is now spreading virally, claiming to be a video of IMF boss Dominique Strauss-Kahn.

The malware is using a technique called clickjacking to spread. A message appears in your timeline, apparently posted by one of your friends, in this case referring to the news story of IMF chief Dominique Strauss-Kahn, who is facing charges of rape in New York. You are then invited to click a link to view a story or, in this case, a video. Instead of opening anything, however, the click triggers the malware download. Finally, the message you received is posted on your own timeline to catch the next unwary viewer.

New MACDefender Variant: lock up your browsers

Mere hours after Apple announced that it would provide an update to prevent further infections by the MACDefender trojan, a new variant named MacGuard was discovered by the antivirus provider Intego.

The main difference between the two variants is that this new version installs as the current user, and so gets rid of one step towards infection by removing the need for the administrator password to be entered.
