Recent Posts

Wednesday, May 25, 2011

Apple Admits To MacDefender Virus Attack


By: Kareem Ali 

Over the past several weeks Mac users have been falling victim to a virus/phishing scam that pretends to be ant-virus software but really just steals users credit card info. Apple first refused to admit the problem, however they’ve finally come around promising to send out an update so users can get rid of the malware.

The software in question is known as MacDefender, MacProtector, and MacSecurity. What it does is open a pop-up in your browser that warns you that your computer is currently infected with craploads of viruses and offers to sell you the software to remove them. Of course the software isn’t real and all your doing is giving away your credit card and personal information to some cybercriminal somewhere.

Although this is a common scam, according to the numbers somewhere between 60,000 and 120,000 Mac users fell for it. I think that number is probably insanely inflated, no one really knows the numbers yet. I would like to assume that many people aren’t foolish enough to fall for this, that’s pretty naïve.

Apple’s first response to the news was straight denial, they refused to admit there was a problem at all. According to an interview with ZDNet one AppleCare employee stated that they were not allowed to help users who had been infected with the malware, despite it being a quick two-minute fix. Apparently Apple’s logic for this is that they can’t help every Mac owner with virus removal and that it’s up to the individual to get their own anti-virus software. Makes me kind of wonder…haven’t Mac fanboys been saying for years that Mac’s can’t get viruses? Of course Apple never said their computers can’t get viruses, just that they were more safe than a PC, provided you had a firewall and some decent anti-virus software.

Apple finally admitted there was a problem and released a support page yesterday to help users remove the malware themselves and say they will be releasing an update that will hunt down and kill all known variations of the virus.

So what happened? How come this virus got through where others failed? I think these are common questions and deserve an answerin’

First off, Anyone who tells you that a Mac can’t get a virus is a moron and you should probably just slap them in the face for trying to talk about things they don’t understand. I’m not going into detail about how an OS works and how software has to be packaged differently depending on the underlying file system, that would be boring. I’ll try as simple as I can to explain why Mac and Linux PC’s don’t get hit with as many viruses as Windows PC’s.

Basically, it’s because there are more Windows users than there are Mac or Linux users. If you want to write a virus that’s going to hit as many people as possible, you package it as an .exe (Windows executable). Not a .dmg, .gz, or .tar.

Although there have been a few Mac and Linux viruses, most just float away in the wind without doing much damage because they don’t hit enough people. What this new virus shows is that Apple has hit a point with Mac where it’s popular enough to attract the attention of cybercriminals. Not only that but the fact that a lot of Mac users are not used to dealing with viruses means that they get a better hit rate (more people falling for the scam) than they normally do with Windows users, who are for the most part, used to dealing with firewalls and anti-virus since Windows has always been a big target for Virus writers.

Another problem is in the way Apple dealt with this. Knowing that the problem existed and taking weeks to fix it is inexcusable. The worst part is it was all done to protect their public image. Apple didn’t want people thinking that they were vulnerable and so they hid the truth, they risked peoples credit card and personal information in order to protect their own stock and that is just sad. I don’t care if they’re fixing the problem now, the fact of the matter is they should have made stopping this their number one priority as soon as they knew. They could’ve posted the instructions on how to remove the malware weeks ago and simply chose not to. Shame on Apple.

Related Stuffs:

No comments:

Post a Comment