New 'MACDefender' Variant Installs Without Admin Password Requirement

by

macdefender support note1
Antivirus firm Intego today reported that it has discovered a new variant of the "MACDefender" malware that ups the ante by not requiring an administrator password for installation. The step is accomplished by installing the application only for the current user.

Unlike the previous variants of this fake antivirus, no administrator's password is required to install this program. Since any user with an administrator's account - the default if there is just one user on a Mac - can install software in the Applications folder, a password is not needed. This package installs an application - the downloader - named avRunner, which then launches automatically. At the same time, the installation package deletes itself from the user's Mac, so no traces of the original installer are left behind.

The second part of the malware is a new version of the MacDefender application called MacGuard. This is downloaded by the avRunner application from an IP address that is hidden in an image file in the avRunner application's Resources folder.

Late yesterday, Apple issued its first public notice on the MACDefender malware, providing users with steps for avoiding or removing the software, as well as reporting that a Mac OS X software update to be released in the "coming days" will automatically find and remove MACDefender and its known variants. The update will also alert users if they are about to download one of the malware applications.

It is unknown whether protection against the new "MacGuard" variant will be included in the software update from Apple, but the company will almost certainly have to keep on its toes to address the quickly evolving threat.

Popular Stories

iphone 16 pro ghost hand

5 Reasons to Skip This Year's iPhone 17 Pro

Thursday July 10, 2025 4:54 am PDT by
Apple will launch its new iPhone 17 series in two months, and the iPhone 17 Pro models are expected to get a new design for the rear casing and the camera area. But more significant changes to the lineup are not expected until next year, when the iPhone 18 models arrive. If you're thinking of trading in your iPhone for this year's latest, consider the following features rumored to be coming...
Read Full Article107 comments
apple tv 4k new orange

New Apple TV Expected Later This Year With These New Features

Saturday July 12, 2025 3:09 pm PDT by
A new Apple TV is expected to be released later this year, and a handful of new features and changes have been rumored for the device. Below, we recap what to expect from the next Apple TV, according to rumors. Rumors Faster Wi-Fi Support The next Apple TV will be equipped with Apple's own combined Wi-Fi and Bluetooth chip, according to Bloomberg's Mark Gurman. He said the chip supports ...
Read Full Article154 comments
iPhone 17 Pro in Hand Feature Lowgo

iPhone 17 Pro Coming Soon With These 16 New Features

Friday July 11, 2025 12:40 pm PDT by
Apple's next-generation iPhone 17 Pro and iPhone 17 Pro Max are only two months away, and there are plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models. Latest Rumors These rumors surfaced in June and July:A redesigned Dynamic Island: It has been rumored that all iPhone 17 models will have a redesigned Dynamic Island interface — it might ...
Read Full Article
macbook pro blue green

M5 MacBook Pro No Longer Coming in 2025

Thursday July 10, 2025 12:38 pm PDT by
Apple does not plan to refresh any Macs with updated M5 chips in 2025, according to Bloomberg's Mark Gurman. Updated MacBook Air and MacBook Pro models are now planned for the first half of 2026. Gurman previously said that Apple would debut the M5 MacBook Pro models in late 2025, but his newest report suggests that Apple is "considering" pushing them back to 2026. Apple is now said to be...
Read Full Article94 comments
iphone 16 pro pro max

iPhone 17 Pro Models With BOE Displays Will Be Sold in China Only

Thursday July 10, 2025 11:59 pm PDT by
iPhone 17 Pro and iPhone 17 Pro Max models with displays made by BOE will be sold exclusively in China, according to a new report. Last week, it emerged that Chinese display manufacturer BOE was aggressively ramping up its OLED production capacity for future iPhone models as part of a plan to recapture a major role in Apple's supply chain. Now, tech news aggregator Jukan Choi reports...
Read Full Article14 comments
Apple Watch Ultra 2 Complications

Apple Watch Ultra 3: What to Expect

Sunday July 13, 2025 10:30 am PDT by
The long wait for an Apple Watch Ultra 3 is nearly over, and a handful of new features and changes have been rumored for the device. Below, we recap what to expect from the Apple Watch Ultra 3:Satellite connectivity for sending and receiving text messages when Wi-Fi and cellular coverage is unavailable 5G support, up from LTE on the Apple Watch Ultra 2 Likely a wide-angle OLED display that ...
Read Full Article96 comments
apple wallet drivers license feature iPhone 15 pro

Apple Says iPhone Driver's Licenses Will Expand to These 8 U.S. States

Tuesday July 8, 2025 11:26 am PDT by
In select U.S. states, residents can add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports and businesses, and in select apps. Unfortunately, this feature continues to roll out very slowly since it was announced in 2021, with only nine U.S. states, Puerto Rico,...
Read Full Article
iPhone 17 Air Colors Thumb 2

iPhone 17 and iPhone 17 Air Rumored to Come in These 9 Colors

Friday July 11, 2025 12:30 am PDT by
The iPhone 17 and iPhone 17 Air will be available in a total of nine color options, according to new information coming out of Asia. The iPhone 17 Air's expected color options. According to the leaker going by the account name "yeux1122" on the Korean blog Naver, accessory manufacturers are now producing camera protector rings for the iPhone 17 and iPhone 17 Air in colors to match their...
Read Full Article37 comments

Top Rated Comments

stridemat Avatar
stridemat
185 months ago
Perhaps Apple should issue an 'update' the makes Safari not open downloaded files automatically?
Score: 31 Votes (Like | Disagree)
Jolly Jimmy Avatar
Jolly Jimmy
185 months ago
One Word:

MACDEFENDER

;)
Not a virus. Honestly there should be a sticky thread or something explaining what a virus is.
Score: 14 Votes (Like | Disagree)
KnightWRX Avatar
KnightWRX
185 months ago
Do you like contradicting yourself? We can go back and forth between "virus"/malware argument but what's the point.

I have not contradicted myself. Go back and forth on what ? Virus is a type of malware. Spyware is another. Trojans are yet another.

There are Mac malware out in the wild.
There aren't any Mac viruses out in the wild.

Both statements are true.
Score: 13 Votes (Like | Disagree)
longofest Avatar
longofest
185 months ago
the days of malware free macs are over! No surprise that Apple initially failed to acknowledge the problem.

The days of malware-free macs have BEEN over (https://www.macrumors.com/2006/02/16/mac-os-x-virus-trojan-summary/). This appears to be the first malware that is actually getting decent press coverage.
Score: 13 Votes (Like | Disagree)
*LTD* Avatar
*LTD*
185 months ago
apple should start catering to real mac users again, and not to the lowest common demonator = pc users!

Most Mac users used to be Windows users at one time or another. Including yours truly.

WTF is a "demonator"?
Score: 12 Votes (Like | Disagree)
griz Avatar
griz
185 months ago
Uncheck "Open 'safe' files after downloading" in Safari Prefs.
Downloaded apps will not launch automatically if you uncheck this option in Safari. Not sure about other Browsers. So as long as you don't launch the installer, you are fine.
Score: 12 Votes (Like | Disagree)
Read All Comments