Security Alert: New Mac Defender Variant, MacGuard, Doesn’t Require Password for Installation.
Posted today on Intego’s Blog, the makers of VirusBarrier X6, gave warning to a new Mac Defender Variant called MacGaurd, that does not required an administrator password during the installation process. Like previous versions of this Trojan-like Malware, it is a fake anti-virus program that hopes to dope it victims into keying in there credit card info. This new version has a higher risk for being installed because you are not required to enter your administrator password. This re-modified Malware is closer to being a true Trojan horse.
It’s release comes one day after Apple posted a update explaining this malware’s existance and how to remove it from your Mac’s system. Apple also said Tuesday that a forthcoming Mac OS X update “will automatically find and remove Mac Defender malware and its known variants,” in addition to “providing an explicit warning if [you] download this malware.” It’s unclear at this time whether Apple’s planned OS update would address this latest MacGuard variant of the malware.
Two Pieces of Important Information:
1. This is not a Trojan horse, it’s Malware
Many reputable companies and news outlets are calling this a Trojan horse, which this malware or ‘malicious software’ is not. True Trojan horse software or computer code, requires no user interaction to steal information or harm your system. I know this may sound like a fine line, but in it current configuration, this software is just malware.
2. This Malware is completely preventable
Even though it now doesn’t require a password to install, it still requires you to install it.
You have to run it’s installer. Either by opening the the installer, or by having ‘open safe files after downloading’ turned on in Safari (which I recommend turning off in Safari’s Preferences > General). But still, you have to click through the install process.
If you did run the installer, the ‘no password’ install is only possible by a system’s administrator, so non-admin users would not be able to install this program. Also, this mean the malware can only exist in the application folder and can not install itself in the system’s library.
Do not install software from any web advertisement or page you did not directly go to. And always try to verify and company and it’s software before installing. That’s my ounce of prudence.