Mac Defender Variant Bypassed OS X Anti-Malware Software Within Hours

When we talk of cat-and-mouse within the context of Apple, we’re usually talking about Apple vs. jailbreakers, but it seems there’s a new mouse in town: Mac Defender.

Less than a day after Apple released a new security update nuking Mac Defender from orbit, a new variant has appeared that skirts around the protections of the update.

Called Mdinstall.pkg, this variant hit the scene especially fast: with a timestamp of 9:24 PM Pacific Time, the Mac Defender malware evolved within eight hours.

Although it seems dire, this shouldn’t be a huge deal. The latest security update also included new functionality that allows OS X’s anti-malware definition file to update itself without manually downloading and applying a security patch, so Mdinstall.pkg will probably only have a shelf life of a day or less before Apple nukes this variant too.

Even so, a message has been sent: the Mac Defender guys are in this for the long haul. They are going to be just as pesky and persistent as Windows malware developers. Expect to see a lot more variants of Mac Defender before all is said and done.