Posted by: David Harley | May 21, 2011

MacRapture, MacDefender, AppleUncare

I know you’re all dying to hear my thoughts on the MacDefender (aka a few other things) fake AV, and possibly wondering why Mac Virus hasn’t commented on that or anything else recently.

Well, I’ve been travelling: Infosec UK, a connectionless week in Devon, Prague for the AMTSO and CARO workshops, and finally a few days in Krems for the EICAR conference. So while I’ve maintained some presence in the blogosphere, I’ve focused on the blogs that are considered part of the services I provide to the AV industry, of which this isn’t one.

And Old Mac was last heard of travelling in the South Seas, so he’s probably already on his way to a celestial street party, if he hasn’t been swallowed by an earthquake in Tonga.

However, I have given one or two journalists the benefit of my prejudices: 

And, of course, I’ve been tracking articles relating to the issue. In no particular order:

  1. A quality blog, as ever, from Chet Wisniewski, with links to other Sophos blogs on the topic: http://nakedsecurity.sophos.com/2011/05/02/mac-users-hit-with-fake-av-when-using-google-image-search/. Or you could simply do an archive search on http://nakedsecurity.sophos.com/?s=mac+fake, for example.
  2. Allegedly, an internal Apple document instructing AppleCare operatives to stay hands-off: http://i.zdnet.com/blogs/apple-macdefender-investigation-may-16-2011.png?tag=mantle_skin;content. Also, http://www.zdnet.com/blog/bott/crying-wolf-apple-support-forums-confirm-malware-explosion/3351?pg=1
  3. Summary by The H: http://www.h-online.com/security/news/item/Mac-scareware-becomes-more-visible-Update-1246693.html
  4. Uninstall Guides from bleepingcomputer.com for MacProtector (http://www.bleepingcomputer.com/virus-removal/remove-mac-protector) and MacDefender (http://www.bleepingcomputer.com/virus-removal/remove-mac-defender)
  5. John Gruber lists a whole load of commentary suggesting a possible tipping point, but dismisses it as crying Wolf: http://daringfireball.net/2011/05/wolf. Also cites http://arstechnica.com/apple/news/2011/05/malware-on-the-mac.ars/ et al by way of an alternative view from Apple support.
  6. Contrary opinion from Adrian Kingsley-Hughes http://www.zdnet.com/blog/hardware/modern-mac-owners-need-to-ignore-the-dinosaurs-and-get-protection/12857 and Ed Bott http://www.zdnet.com/blog/bott/an-applecare-support-rep-talks-mac-malware-is-getting-worse/3342
  7. Sound commentary, as ever, from Intego on this and other Mac malware at http://blog.intego.com/, but this item strikes me as being particularly constructive: http://blog.intego.com/2011/05/13/mac-security-tip-when-you-should-enter-your-password-in-mac-os-x/

Plus a few items not necessarily related, but interesting anyway:

I’m saying nothing about that last one. For now…

David Harley CITP FBCS CISSP
Small Blue-Green World

Responses

  1. Welcome Back David! :)

  2. :)

  3. Welcome back David! Nice collection of helpful links.

