It was brought to my attention today that you’ve now published a knowledge base article explaining how to remove the prolific MacDefender fake security software and its various iterations.
While I cannot speak on behalf of an entire industry, I think all of us welcome you with open arms to the team tasked with helping the computer-using community stay safe online.
I have to admit though, I am a bit confused by your terminology.
You state in your article:
“A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus.”
In our business, phishing has a very specific definition. According to Wikipedia, the agreed-upon definition of phishing is:
Noun: The fraudulent practice of sending e-mails purporting to be from legitimate companies in order to induce individuals to reveal personal information, such as credit-card numbers, online.
We have observed that most users are being infected through malicious web pages that are turning up in Google Image searches. The malicious web pages display a fake security scanner convincing the victim to load a program that is in fact malware.
While I can see how you might consider this to be a phishing attack, we usually use that term when the attack is purely social and is trying to acquire your credentials. If it involves social engineering and malicious code we call it a Trojan.
Wikipedia defines a Trojan as:
“A Trojan horse, or Trojan, is a destructive program that masquerades as a benign application. The software initially appears to perform a desirable function for the user prior to installation and/or execution, but (perhaps in addition to the expected function) steals information or harms the system.”
It is also a bit strange that you don’t recommend that people run an anti-virus program when they have been infected or attacked by malicious code. Perhaps it might be prudent to refer people encountering malware on their Macs to your documentation?
It’s great to have you as a partner in our fight against cybercrime, and we hope you continue your commitment to keeping your customers safe online.
Be cautious, question everything and enjoy your internet experience.
Update: As happens, I didn’t consider that Wikipedia is a moving target, so choosing them for definitions wasn’t the smartest thing I’ve done. The quotes above were true at the time of writing.
12 comments on “Dear Apple: Welcome to team anti-malware”
lol, funny that you used Wikipedia references. Be safe people.
Funny because…? No, I'm afraid you can't just post "whatever" information you want and expect it to remain there for more than a few minutes at best. Wikipedia has a surprisingly rigid process to add/edit information now. This isn't 2001 anymore, but thanks for trying.
The Wikipedia article has been changed since I posted this and strangely that never occurred to me…
The subtle bite of sarcasm makes this a delightful read.
Potato – Potato.
Anti-virus for what? Windows viruses? Surely not malware? How is anti-virus going to help against malware that most users won't install? The sky isn't falling and until you can show me why I need what you sell, I'll go without thanks.
OK, let's see. For years Mac OS X has gone well secured, except to the people who make their living on protecting from malware. Not only was there a constant drum beating of "Your time will come, just you wait and see" they also regularly created "proof of concept" recipes to prove their point, never mind that none of this occurred in the wild. It helped heighten the rhetoric and perceived potential threat.
So now someone out there creates a "trojan" that feeds off this hysteria created by those who make a living protecting people from this kind of threat.
Hmm. If I were a conspiracy theorist…
I guess there are several dictionaries and definitions for phishing.
The Unix-based Apple dictionary on a Mac will return the following definition:
"phishing |ˈfi sh i ng |
the activity of defrauding an online account holder of financial information by posing as a legitimate company : [as adj. ] phishing exercises in which criminals create replicas of commercial Web sites."
Bottom line for me is I'm glad Apple is helping out. Meanwhile back to our normal business of keeping people warned about malware and bad stuff on our computers.
Your comment sums up my article nicely, without the attempt at being funny. We are genuinely pleased that Apple is taking this very seriously.
Your industry "security software" uses terms you create to scare people. Apple has an ecosystem that is built on a solid foundation that while not immune to hacking it is not a problem. Apple's response to the single significant malware problem for their ecosystem is great in that they will eliminate at the OS level.
If you guys told the truth – i.e. virtually all malware, viruses, and trojans in the wild are not computer problems but Windows problems you would be truthful and it would change the industry. But you won't, you will continue to misrepresent the information to keep the status quo and your business.
I have used your software and it is good but on my Macs after scanning to check I removed it. On my PC yours and other software save me from issues daily!
People must be meticulous about researching and validating each item of software that they authorize to run on their systems. The sooner they learn this, the better. All the AV software in the world can't protect them from a zero day Trojan installed as a result of their own casual impulsiveness and ignorance.
I think you protest too much. Yes, this is a Trojan, as it requires the user to install software they believe to be useful but ends up being bad. But the threat of this Trojan is more like a phishing attack in that all it does is try to get your personal information.
I assume Apple used this term because it is not as scary as Virus, malware, spyware or trojan. It implies that the user could avoid this problem by not getting caught off guard.
Note: You are about a year late in your welcome. Apple started its attack on this type of software over a year ago with 10.6 Snow Leopard. This is just an extension of that action.
"A Trojan horse, or Trojan, is a destructive program that masquerades as a benign application. The software initially appears to perform a desirable function for the user prior to installation and/or execution, but (perhaps in addition to the expected function) steals information or harms the system."
What does MacDefender destroy?