The group behind the Mac Defender scareware has released a new variant which bypasses Apple’s short-term fixes and renders the malware more potent than before.
The new version does not require the user to type in their password for the software to install itself on the machine, after it has been automatically downloaded.
Once downloaded, the installer opens automatically and prompts the user to click ‘continue’, which it’s not outrageous to assume a lot of people will do on autopilot without wondering what they’re continuing to. This starts the installation package, which deletes itself once it has been run.
The new version of the malware has also been renamed, known now as MacGuard, but its aim of skimming credit card numbers in return for removing fake viruses remains the same.
Uh oh
Apple yesterday announced that it will be releasing an update to Mac OS X to combat and remove the rogue programme, with a bunch of instructions for Mac users to avoid and remove the software themselves in the meantime.
However, it seems revealing its whole defense plan has backfired on Apple, with the baddies immediately upping their game; how long before the resolve for this new variant is available?
And even when that new resolve hits, there’s nothing to stop the scareware developers releasing another more potent version of the malware.
From The Mac Security Blog via ZDNet