Saturday, March 14, 2015

MacGuard, a new variant of Mac Defender

Mac Defender

Things are getting a little uglier with Mac Defender. It is no cause for panic, but its creators keep producing mutations of their software in order to keep extracting users' private banking information. The new variant is called MacGuard, and it is important to be aware of its characteristics.


Let's recap a bit before proceeding. Earlier this month a piece of malware named Mac Defender appeared: an application disguised as an antivirus that tries to install itself on your Mac, after which it asks for our credit data in order to start working. The advice given at the time was simple: keep your eyes open and, if you use the Safari browser, disable the option to open "safe" files after downloading, to make sure the installation does not start without our express permission.


Any other recommendations on this matter can be summed up as using common sense when surfing the Internet and taking care with what we get. Mac Defender used to appear in three variants, MacDefender, MacProtector and MacSecurity, and the team of programmers behind this malicious software was releasing a new variant every 12 to 24 hours, which was causing major headaches for Apple support personnel.


However, a few days ago this dynamic stopped, as noted by the people at Intego, which suggested that a new stratagem was being developed, and so it has proved. The new version is called MacGuard and acts in the following way:

As was the case with the other variants, the download is hidden in our browser's search results. It seems the team of hackers used SEO positioning to appear in prominent places in the search engines. If you click on a malicious link, the software starts its download process and shows what appears to be an installation window. The difference now is that there is no need to enter our Mac admin password, even though it is still necessary to press Continue in the window. When you press it, the software installs a downloader called avRunner. avRunner automatically launches the download of MacGuard, after which it is deleted from the system so as to leave no trace of its existence.

So there is no reason to be much more concerned about MacGuard than about the original form. The special feature now is that it takes advantage of the existence of users other than the Mac's administrator who, ignorant of the situation or unaware of the danger, click Continue and start the process themselves. That is why it no longer asks for the computer administrator's password.


Therefore the recommendations given so far are still valid: disable the option in Safari. And in the unfortunate case of landing on a site that hosts the malware, where something resembling a Finder window appears and encourages the user to scan the Mac for viruses (see the screenshot attached to this post), we would do well to close the browser tab, and the browser itself if we consider it necessary, and to check that nothing suspicious has been installed in the Downloads folder or whichever folder we have configured by default. If it has already happened to you, you can follow the steps mentioned a few hours ago in Jose Carlos's posts.
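The two checks recommended above can be scripted; the following is an added example, not part of the original post. It assumes Safari's `AutoOpenSafeDownloads` preference is readable with `defaults` for the current user, that downloads go to `~/Downloads`, and that dropped files carry the family names mentioned in the post (the post does not give actual file names).

```shell
#!/bin/sh
# Added example, not from the original post: audits the two recommendations.
# Matching these family names in file names is an assumption; the post names
# the programs but does not give the names of the files they drop.
NAMES='macdefender|macprotector|macsecurity|macguard|avrunner'

# List entries up to two levels below directory $1 whose base name contains
# one of NAMES (case-insensitive). Exit status 0 = at least one hit, 1 = none.
scan_dir() {
    [ -d "$1" ] || return 1
    find "$1" -mindepth 1 -maxdepth 2 2>/dev/null |
        awk -F/ -v re="$NAMES" 'tolower($NF) ~ re { print; hit = 1 }
                                END { exit !hit }'
}

# Interpret the value of Safari's AutoOpenSafeDownloads preference, the key
# behind "Open 'safe' files after downloading".
classify_autoopen() {
    case "$1" in
        0) echo disabled ;;
        1) echo enabled ;;
        *) echo unset ;;   # key absent or unreadable: Safari's default is on
    esac
}

# Read the preference on macOS; report "unknown" where `defaults` is missing.
safari_autoopen() {
    command -v defaults >/dev/null 2>&1 || { echo unknown; return 0; }
    classify_autoopen "$(defaults read com.apple.Safari AutoOpenSafeDownloads 2>/dev/null)"
}

# Audit the current user's Downloads folder (default location assumed).
echo "Safari auto-open of safe files: $(safari_autoopen)"
if scan_dir "$HOME/Downloads"; then
    echo "Review the entries listed above before opening anything."
else
    echo "No matching names in $HOME/Downloads."
fi
```

A result of `unset` should be treated like `enabled`, since the option is on unless the user has turned it off.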


In conclusion, recall that Apple is in the process of completing a software update that appears to block this malware and will even remove it where it is installed on the Mac.
