Apple's MacDefender Tool: Quickly Circumvented, Now Regains Upper Hand
The ongoing battle between the OS X anti-malware team and the MacDefender malware creators has taken some interesting turns this week.
Apparently, about eight hours after the anti-MacDefender update (which I talked about in yesterday's blog on MacDefender removal) was released, the bad guys regained the upper hand.
CNet has some great coverage by Topher Kessler, who says,
Let the cat and mouse games commence.
"Less than a day after Apple tackled the malware threats in OS X with an updated implementation of its malware detection technologies, the MacDefender malware developers have issued another variant that bypasses Apple's definitions to root out and remove the malware."
Then, earlier today (June 6, 2010), there was this update from CNet:
The cat is back in the lead.
"Apple has updated Snow Leopard's XProtect yet again to tackle the new variant, and did so in less than a day after the original update was circumvented.
"Apple is taking a very active approach to prevent this malware from being a problem for people."
Apple definitely took a bit of a pounding publicly after having taken so long to respond to the MacDefender threat initially. Now though, it looks like they're showing their willingness to take on the Mac malware creators head-on.
Regardless of how effective this strategy is long term, every step they take now will make things more secure and close more and more holes in their operating system.
And for that, Mac owners should be grateful.
Does it eliminate the need for Mac antivirus software?
I don't believe so.
It's clear Windows malware is lucrative--very lucrative--or else Windows malware writers would've given up long ago.
And what the MacDefender creators appear to have shown is that the Apple OS X system, while good, does have holes. How hard they are to find, how far the bad guys are willing to go to find them, and how lucrative it is for them to do so all remain to be seen.
The question is: Will Apple's virus situation become as bad as Windows?