Apple security ninjas target MacDefender malware

By Jonny Evans

There's been claims and counter-claims in recent days on strength of the MacDefender malware. Some have taken the Trojan as evidence that Apple's [AAPL] OS X is no longer safe, predicting fire and brimstone will fall on the almost religious platform. Don't worry too much. Apple is preparing to seek and destroy the MacDefender malware.

The tempest

In recent days Apple was slammed on strength of claims it has instructed Mac support technicians not to instruct Mac users as to how the malware can be removed from affected machines. At times, the tempest of criticism has been so high that you'd almost believe the Mac platform is as leaky and virus prone, as, as, well, as Windows. Rest assured, it is not.

In a Knowledge Base article Apple has acted to reassure its users that a future Mac OS X security update will secure the platform, thus saying it:

(a) is working to protect users

(b) will act to eradicate the MacDefender 'scourge

"In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. The update will also help protect users by providing an explicit warning if they download this malware," the note says.

The merchant of menace

More especially, Apple calls out the MacDefender problem for what it is: a phishing scam which tricks users into believing their systems are compromised in order to separate them from their credit card details.

To quote Apple:

A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus. The user is then offered Mac Defender "anti-virus" software to solve the issue.

This "anti-virus" software is malware (i.e. malicious software).  Its ultimate goal is to get the user's credit card information which may be used for fraudulent purposes.

As I previously reported, the most common names for this malware include MacDefender, MacProtector and MacSecurity.  

Apple has also published step-by-step instructions on how to avoid or manually remove this malware.

"Note: Apple provides security updates for the Mac exclusively through Software Update and the Apple Support Downloads site. User should exercise caution any time they are asked to enter sensitive personal information online," the company warns.

Apple's fast and assertive response to the scare comes as some reports claim the company's platforms face more risk than ever before.

Much ado about nothing

If this is true, there's still some way to go. Even my esteemed Windows-watching Computerworld blogging comrade Preston Gralla concedes that Macs are "far more secure" than Windows PCs at present, but warns, "Whether Macs will be safer than PCs a few years from now isn't so clear, though."

Apple's platforms are making steady inroads into the enterprise. This means Microsoft faces the triple whammy of viable competing platforms, the evolution of post PC devices and a drive toward device and platform agnosticism as cloud computing solutions head into the mainstream in both consumer and corporate markets.

With so much at stake, no wonder Apple has moved to address the new security problem within days, even while the firm ramps-up its security teams in-house. The company this year hired David Rice, executive director of the Monterey Group and faculty member with IANS, as its director of global security. Also this year Apple secured the services of Kevin Timmons, General Manager of Datacenter Services at Microsoft, who left the latter firm to head up Apple's cloud computing efforts.

Such activity to boost corporate focus on security matches expert advice given in 2009, when The Register cited Securosis founder Rich Mogull, who said Apple should "appoint and empower a high-ranking executive to oversee security in all Apple products."

All's well that ends well

The take-away here surely has to be that while the assertion that Apple's success in building marketshare in its four platforms (PC, tablet, smartphone and media player) is attracting more attention from malware authors is true, the company (albeit in its slightly distant way) is moving to respond to these new threats.

What's your response? Do Apple's moves show the company is now more aware of security, and does this awareness show the company knows it is more of a target than ever before, or is there really nothing to worry about?

Let me know in comments below. I'd also be most pleased if you chose to follow me on Twitter so I could let you know as new reports get published here first on Computerworld.