New 'MACDefender' Variant Installs Without Admin Password Requirement

by

macdefender support note1
Antivirus firm Intego today reported that it has discovered a new variant of the "MACDefender" malware that ups the ante by not requiring an administrator password for installation. The step is accomplished by installing the application only for the current user.

Unlike the previous variants of this fake antivirus, no administrator's password is required to install this program. Since any user with an administrator's account - the default if there is just one user on a Mac - can install software in the Applications folder, a password is not needed. This package installs an application - the downloader - named avRunner, which then launches automatically. At the same time, the installation package deletes itself from the user's Mac, so no traces of the original installer are left behind.

The second part of the malware is a new version of the MacDefender application called MacGuard. This is downloaded by the avRunner application from an IP address that is hidden in an image file in the avRunner application's Resources folder.

Late yesterday, Apple issued its first public notice on the MACDefender malware, providing users with steps for avoiding or removing the software, as well as reporting that a Mac OS X software update to be released in the "coming days" will automatically find and remove MACDefender and its known variants. The update will also alert users if they are about to download one of the malware applications.

It is unknown whether protection against the new "MacGuard" variant will be included in the software update from Apple, but the company will almost certainly have to keep on its toes to address the quickly evolving threat.

Popular Stories

carplay next gen hero

RIP, CarPlay 2?

Sunday December 29, 2024 7:32 am PST by
Apple's website continues to state that the first vehicle models with next-generation CarPlay will "arrive in 2024." With less than three days remaining in the year, however, that timeframe is looking more and more unlikely. It would not be entirely Apple's fault if the stated 2024 target is missed, given that it is ultimately up to automakers to roll out the software in vehicles, but it is...
Read Full Article
Apple Intelligence General Feature 2

Five Apple Intelligence Features Coming in 2025

Friday December 27, 2024 2:43 pm PST by
Even though iOS 18.1 and iOS 18.2 added multiple Apple Intelligence features like Image Playground, Genmoji, Writing Tools, and more, there are still new Apple Intelligence capabilities that we're waiting on. Apple has at least one more major Apple Intelligence update coming in 2025, and the functionality that we're expecting is outlined below. Priority Notifications Notification summaries...
Read Full Article112 comments
apple tv plus teaser

Apple Teases Apple TV+ Surprise on January 4 and 5

Thursday December 26, 2024 10:35 am PST by
Apple this week began teasing some kind of upcoming Apple TV+ surprise that's set to happen on January 4 and January 5, telling customers to "stay tuned" and "save the date" in social media posts. Apple's images have a tagline that says "See for yourself," but it isn't clear what Apple has planned. Some users on Reddit have speculated that Apple might be planning to launch a promotion that...
Read Full Article58 comments
New Things Your iPhone Can Do in iOS 18

22 New Things Your iPhone Can Do in iOS 18.2

Monday December 23, 2024 6:30 am PST by
Apple released iOS 18.2 in the second week of December, bringing the second round of Apple Intelligence features to iPhone 15 Pro and iPhone 16 models. This update brings several major advancements to Apple's AI integration, including completely new image generation tools and a range of Visual Intelligence-based enhancements. Apple has added a handful of new non-AI related feature controls as...
Read Full Article28 comments
Sudoku Apple News iOS 18

iOS 18.2 Added a New Game to Your iPhone

Saturday December 28, 2024 12:03 pm PST by
Starting with iOS 18.2, released earlier this month, Apple News+ subscribers in the U.S. have access to daily sudoku puzzles in the Apple News app. There are easy, moderate, and challenging difficulty levels for the daily puzzles. A scoreboard tracks your sudoku stats, including your total number of puzzles solved, fastest completion times per difficulty level, and more. Sudoku is the...
Read Full Article
AirTag and Lavender iPhone

AirTag 2 Launching Next Year With These New Features

Tuesday December 24, 2024 8:35 am PST by
Apple is expected to release an AirTag 2 next year, and a few new features and changes have already been rumored for the item tracker. Below, we recap what to expect from the AirTag 2: The new AirTag is expected to be equipped with Apple's second-generation Ultra Wideband chip for longer range. The chip debuted last year in the iPhone 15 and the Apple Watch Ultra 2, and Apple said it...
Read Full Article28 comments
Generic iOS 19 Feature Mock Light

iOS 19 Rumored to Be Compatible With These iPhones

Sunday December 22, 2024 8:09 am PST by
iOS 19 will not drop support for any iPhone models, according to French website iPhoneSoft.fr. The report cites a source within Apple. The report said that iOS 19 will be compatible with any iPhone that is capable of running iOS 18, which would mean the following models: iPhone 16 iPhone 16 Plus iPhone 16 Pro iPhone 16 Pro Max iPhone 15 iPhone 15 Plus iPhone 15 Pro ...
Read Full Article132 comments
airpods pro 2 gradient

AirPods Pro 3 Expected Next Year: Here's What We Know

Monday December 23, 2024 4:18 am PST by
Despite being released over two years ago, Apple's AirPods Pro 2 continue to dominate the wireless earbud market. However, with the AirPods Pro 3 expected to launch sometime in 2025, anyone thinking of buying Apple's premium earbuds may be wondering if the next generation is worth holding out for. Apart from their audio and noise-canceling performance, which are generally regarded as...
Read Full Article64 comments

Top Rated Comments

stridemat Avatar
stridemat
178 months ago
Perhaps Apple should issue an 'update' the makes Safari not open downloaded files automatically?
Score: 31 Votes (Like | Disagree)
Jolly Jimmy Avatar
Jolly Jimmy
178 months ago
One Word:

MACDEFENDER

;)
Not a virus. Honestly there should be a sticky thread or something explaining what a virus is.
Score: 14 Votes (Like | Disagree)
KnightWRX Avatar
KnightWRX
178 months ago
Do you like contradicting yourself? We can go back and forth between "virus"/malware argument but what's the point.

I have not contradicted myself. Go back and forth on what ? Virus is a type of malware. Spyware is another. Trojans are yet another.

There are Mac malware out in the wild.
There aren't any Mac viruses out in the wild.

Both statements are true.
Score: 13 Votes (Like | Disagree)
longofest Avatar
longofest
178 months ago
the days of malware free macs are over! No surprise that Apple initially failed to acknowledge the problem.

The days of malware-free macs have BEEN over (https://www.macrumors.com/2006/02/16/mac-os-x-virus-trojan-summary/). This appears to be the first malware that is actually getting decent press coverage.
Score: 13 Votes (Like | Disagree)
*LTD* Avatar
*LTD*
178 months ago
apple should start catering to real mac users again, and not to the lowest common demonator = pc users!

Most Mac users used to be Windows users at one time or another. Including yours truly.

WTF is a "demonator"?
Score: 12 Votes (Like | Disagree)
griz Avatar
griz
178 months ago
Uncheck "Open 'safe' files after downloading" in Safari Prefs.
Downloaded apps will not launch automatically if you uncheck this option in Safari. Not sure about other Browsers. So as long as you don't launch the installer, you are fine.
Score: 12 Votes (Like | Disagree)
Read All Comments