MacGuard requires no admin password to install
Thursday, May 26, 2011 2:08:15 PM
It has recently come to my attention that a varient of the infamous Mac Defender trojan does not require an admin password to install.
If the software is download on an admin acount (the default account on most OS including Macs), the installer will start and run automatically without prompting for a password. This program will still require user interaction in order to install, so you will see an installer program running and will have to click through a couple of installation windows in order to get it on your system; however, the difference now is that it can be installed without an administrator password.
The adminstrator password has been greatly touted by Mac fans as superioty over their Windows counterpart as evidence that malware cannot be installed on the Mac without knowledge. But if you see the screen on the right you would be probably be scared into installing the Trojan in order to "protect" your Mac. That's ultimately how the Fake AVs work. They scare you into doing rash decisions without working it through.
This malware adds proof to the notation that Macs are not invincible as Apple claims. Remember all softwares has vulnerabilities but the ultimate weakness in the chain is the user (YOU) and that is what most malware target. An antivirus software can catch the malware in its tracks as shown below.
In addition to installing a antimalware program, be sure to uncheck Safari's option to automatically open "Safe" files as shown below.
For more informations, it may be helpful to read the following posts:
In summary, malware for Macs are becoming more and more advanced as the popularity for Macs grow (partually due to Apple's claims that Macs are the "supreme" PC with none of the problems of Windows ie viruses, malware, system crash, system reboots). It won't be soon before other Windows malware like rootkits make their way over to the Macs. It is time for Apple and Apple's fan to face the music that APPLES ARE NOT INVULNERABLE and CAN get viruses! This is false advertising on Mac parts. To stay safe, as Microsoft recommends it is crutial to:
- Install antivirus and antispyware programs from a trusted source
- Update software regularly (This include the OS as well as other plugins such as Flash player
- Use strong passwords and keep them secret
- Never turn off your firewall
- Use flash drives cautiously
- Don't be tricked into downloading malware
- Be very cautious about opening attachments or clicking links in email or IM, or in posts on social networks (like Facebook)—even if you know the sender. Call to ask if a friend sent it; if not, delete it or close the IM window.
- Only download software from websites you trust. Be cautious of "free" offers of music, games, videos, and the like. They are notorious for including malware in the download.
- Avoid clicking Agree, OK, or I accept in banner ads, in unexpected pop-up windows or warnings, on websites that may not seem legitimate, or in offers to remove spyware or viruses. Do not even click cancel as that can also trigger the malware installation.
- Instead close the tab by pressing Ctrl+f4 (Windows) or ⌘ Cmd+W (Mac)
- You can also try closing the Window by pressing Alt+f4 (Windows) or ⌘ Cmd+Q (Mac)
- If all fails, open up the task manager by pressing Ctrl+⇧ Shift+ Esc (Windows) or ⌘ Cmd+Opt+Esc (Mac) and end the browser task.