http://www.macrumors.com/2011/05/19/apple-investigating-macdefender-malware-support-staff-barred-from-assisting-customers/
Earlier this month, a new malware threat known as "MACDefender" popped up, targeting Mac OS X users with requests to install an application claiming to be an antivirus program. The malware has continued to be a problem for many users, showing up with regularity under several different variants.
ZDNet's Ed Bott has been looking into the issue, and while some may dismiss his claims due to his position covering Microsoft for the publication, he has uncovered some interesting information in speaking with an anonymous AppleCare representative about the situation. According to the representative, Apple has been dealing with significant call volumes about the issue, claiming that over 50% of calls last week were about the malware.
There's usually about 600 or so of us spread around 14 centers for CPU support. Before this started happening, we had 7-12 minutes between calls generally. Now we're lucky to have any time between calls.
We started getting a trickle of calls a couple weeks ago. However, this last week over 50% of our calls have been about it. In two days last week I personally took 60 calls that referred to Mac Defender.
The representative noted that AppleCare's official policies prevent them from assisting customers with malware issues, as the company does not wish to set expectations that they will be able to do so consistently going forward, instead recommending that customers look into antivirus software. Some representatives have, however, reportedly been quietly helping out customers as their superiors look the other way.
In a follow-up article responding to claims that his initial report was fabricated and the issue overblown, Bott documents his examination of Apple's support forums, where he found over 200 threads from users trying to remove the malware from their systems, far higher than any previous incident. And while the malware requires that users grant explicit authorization for the software to be installed, Bott argues that there are clearly significant numbers of relatively less savvy users who are taking the bait.
Finally, Bott today published the actual AppleCare internal support document about MACDefender, where it is revealed that the issue has been categorized as "Issue/Investigation In Progress" and outlining the procedures to be used by support representatives when dealing with customers calling in about the issue. Essentially, users who have not yet installed the malware are instructed to quit the installer and delete the download, while those who have installed the software should be directed to Apple resources to learn more about malware and left to find their own antivirus solution.
I read this a week ago. Makes me laugh my ass off!!
People who download and install virus protection made for macs totally deserve for it to f up their computer with no help from anyone. Idiots. :frustrated:
AppleCare is hardware support.
I'm sure if you had a MalWare question the guys/girls at the Genius Bar would be willing to help.
BUT MACS DON'T GET VIRUSES!
Anyone who is sucker enough to authorize the installation of a virus on their mac (read: they typed in their password!) is a joke to me.
Quote from: Hicks on May 24, 2011, 11:36:22 AM
BUT MACS DON'T GET VIRUSES!
Yeah, but the hard part is not downloading and installing them yourself. :roll:
Quote from: thatfargone on May 24, 2011, 12:17:09 PM
Quote from: Hicks on May 24, 2011, 11:36:22 AM
BUT MACS DON'T GET VIRUSES!
Yeah, but the hard part is not downloading and installing them yourself. :roll:
And this is why no system is entirely safe ever.
Cause there are stupid people...
Customer:"I was going through my folders and I deleted 'system32' cause I never use it...."
These are the people that will always have chronic computer problems because they dont know what they are doing at all.\
I still think this is fucking gold though because that is so many peoples argument against windows...
Quote from: Hicks on May 24, 2011, 11:36:22 AM
BUT MACS DON'T GET VIRUSES!
Quote from: Hicks on May 24, 2011, 11:36:22 AM
BUT MACS DON'T GET VIRUSES!
Technically, it's malware and not a virus.
Quote from: Hicks on May 24, 2011, 11:36:22 AM
BUT MACS DON'T GET VIRUSES!
:hereitisyousentimentalbastard
yeah I love how everyone seems to forget that no one bothered to make viruses for macs because no one really used them for a while. mac's are popular and very widely used now so guess what, people are going to make them now.
I'm sure that apple will have better customer service after this though, it's just something they haven't dealt with much yet but it will only become a bigger issue
This isn't true, before Apple locked down their OS, macs were frequently the targets of viruses.
A common misconception is that macs don't get viruses because of their low market share...as RJ pointed out already, people had to type in their password in order for the malware to be installed.
I don't think that Viruses are the problem really that will be appearing with more frequencey, I think the problem here is the refusal of Apple Care to allow their techs to tell people how to alleviate the problem.
That would be like calling Dell because your MS Office had a problem. There are other outlets for MacOS support, namely the Genius Bar.
every internet browser should come with a message - do not download and install something unsolicited
Quote from: mattstick on May 24, 2011, 12:59:31 PM
That would be like calling Dell because your MS Office had a problem. There are other outlets for MacOS support, namely the Genius Bar.
When you need to uninstall malware for a PC, you do call dell. Microsoft won't help you.
I'm not sure where you are going with this...
Well since there seem to be a bunch of idiot pc converts that search and hunt for needless virus protection software, Apple should sell a apple care package that cost a shit ton for these very stupid consumers and pass the savings off on a cheaper os lion version for us.
Quote from: fauxpaxfauxreal on May 24, 2011, 01:04:22 PM
Quote from: mattstick on May 24, 2011, 12:59:31 PM
That would be like calling Dell because your MS Office had a problem. There are other outlets for MacOS support, namely the Genius Bar.
When you need to uninstall malware for a PC, you do call dell. Microsoft won't help you.
I'm not sure where you are going with this...
Yeah sounded like a false comparison, AppleCare is run by Apple isn't it? (I may be entirely wrong that's why I'm asking)
Quote from: slslbs on May 24, 2011, 01:02:16 PM
every internet browser should come with a message - do not download and install something unsolicited
The problem with this piece of malware that people are soliciting it, I think. I think it masks itself ironically as a piece of software designed to protect macs from viruses and malware.
I think people are downloading it from an unsolicited ad - I've gotten a message about this or something like it on my mac.
it says something like "protect your mac - you have malware. click here to download"
I personally don't think people are actually seeking it out, they're just believing the message.
Quote from: fauxpaxfauxreal on May 24, 2011, 01:04:22 PM
Quote from: mattstick on May 24, 2011, 12:59:31 PM
That would be like calling Dell because your MS Office had a problem. There are other outlets for MacOS support, namely the Genius Bar.
When you need to uninstall malware for a PC, you do call dell. Microsoft won't help you.
I'm not sure where you are going with this...
The point is, there is support for this problem, it's just not AppleCare. So this is all much ado about nothing, isn't it?
Malware disguised as Virus protection is nothing new either.
Quote from: mattstick on May 24, 2011, 01:11:40 PM
Quote from: fauxpaxfauxreal on May 24, 2011, 01:04:22 PM
Quote from: mattstick on May 24, 2011, 12:59:31 PM
That would be like calling Dell because your MS Office had a problem. There are other outlets for MacOS support, namely the Genius Bar.
When you need to uninstall malware for a PC, you do call dell. Microsoft won't help you.
I'm not sure where you are going with this...
The point is, there is support for this problem, it's just not AppleCare. So this is all much ado about nothing, isn't it?
Malware disguised as Virus protection is nothing new either.
Then why aren't they advising applecare to direct the customers to the Genius Bar? Something about what you are saying isn't adding up.
QuoteEssentially, users who have not yet installed the malware are instructed to quit the installer and delete the download, while those who have installed the software should be directed to Apple resources to learn more about malware and left to find their own antivirus solution
.
At the very least they have been directed to on-line resources. The customer service precedent of responding to every single piece of Malware is a dangerous one. Within one or two clicks of the keywords "Apple Help" you can learn about the Genius Bar. End-users have to take some responsibility for what they install.
I'd rather have Apple Care associates free to answer any actual Apple problems, not problems caused by 3rd parties.
slslbs... What site were you visiting? I have never seen or heard of anything like this with safari. I have never seen a pop up or any flash adware showing up on any sites. Ever.
I assume people find this on malicious sites or from browsing porn after safari already warned of it being a bad site.
I was on chrome visiting one of the sites I usually visit.
typically here, HTW, the boston globe - don't remember exactly. I don't get pop - ups but sometime when I minimize a window there is what I call a "pop under" (pop - up blocker is on all browsers)
I stay away from "marginal sites".
I thought that I already had malware on my mac and it directed me there - even posted about it here
http://week4paug.net/index.php?topic=12300.165
Quote from: slslbs on May 24, 2011, 03:37:43 PM
I stay away from "marginal sites".
posted on the 'paug... HA!
got me again
Quote from: slslbs on May 24, 2011, 03:37:43 PM
I was on chrome visiting one of the sites I usually visit.
typically here, HTW, the boston globe - don't remember exactly. I don't get pop - ups but sometime when I minimize a window there is what I call a "pop under" (pop - up blocker is on all browsers)
I stay away from "marginal sites".
I thought that I already had malware on my mac and it directed me there - even posted about it here
http://week4paug.net/index.php?topic=12300.165
Hm. I only use safari and NEVER have anything pop up. Any reason you use chrome...sounds like the problem to me.
I like chrome better (it's faster imo), but now that you mention it I'll use Safari for a while to see if it happens.
I use Chrome with no real problems. Safari is quite bulky.
Quote from: mattstick on May 24, 2011, 04:52:22 PM
I use Chrome with no real problems. Safari is quite bulky.
You ever see mac defender pop ups, offers?
Only on megaupload, it's usually Party Poker.
I'm not too familiar with Macs, so I have a question for any Mac user.
If someone wants virus/malware protection on their Mac, is there an official source that they can get it from (like a program/app repository under the system menu, or even an official Apple website)?
A quick scan of the Mac App store finds at least a couple of virus/malware apps
Quote from: mattstick on May 24, 2011, 06:23:23 PM
A quick scan of the Mac App store finds at least a couple of virus/malware apps
OK, I was assuming that was the case, but I wanted to make sure.
Quote from: rowjimmy on May 24, 2011, 11:53:37 AM
Anyone who is sucker enough to authorize the installation of a virus on their mac (read: they typed in their password!) is a joke to me.
I agree with RJ. This sounds exactly like Ubuntu, in the sense that
nothing can be installed on its own (you have to verify it by consciously entering your password), and basically everything you would ever need can be obtained from an official OS endorsed source. Common sense
is your virus protection on any Unix based OS. Downloading and installing something (that you don't even need in the first place) from a third party source is just asking for trouble.
my ISP provides Norton for pc and mac as a free d/l. After the post I alluded to on the other thread, I d/l and installed norton for mac. the 1st scan picked up one trojan. I don't know if that's related to the pop unders I saw or not. fwiw, I haven't seen that particular one again (yet).
We had a MacDefender window pop up on my wife, running Safari with popups blocked and click-to-flash installed as she was viewing a familiar hotmail page. It gave the message that everyone has been paraphrasing, you are infected, etc... and had very slick graphics and fonts going on. Not quite "Mac-y" but close enough for a new user perhaps. It gave 2 options, to download the scanning software or cancel, which is what she did. The malware still began to download a string of 5 or 6 windows and unix suffixed files. Trying to close the window was not working at this point, so I forced Safari to quit and tossed the files.
Best advise to a new Safari user is to disable the auto-opening of "safe" downloaded files.
Interesting show of interest in the mac user base from the hacker community! I'd be curious about the numbers of people who were lured.
Quote from: Pholy M. Pia on May 24, 2011, 08:31:37 PM
We had a MacDefender window pop up on my wife, running Safari with popups blocked and click-to-flash installed as she was viewing a familiar hotmail page. It gave the message that everyone has been paraphrasing, you are infected, etc... and had very slick graphics and fonts going on. Not quite "Mac-y" but close enough for a new user perhaps. It gave 2 options, to download the scanning software or cancel, which is what she did. The malware still began to download a string of 5 or 6 windows and unix suffixed files. Trying to close the window was not working at this point, so I forced Safari to quit and tossed the files.
Best advise to a new Safari user is to disable the auto-opening of "safe" downloaded files.
Interesting show of interest in the mac user base from the hacker community! I'd be curious about the numbers of people who were lured.
I knew it had to be a bigger problem than "user error". Thanks for the elaboration.
::waits for more fanboy defense of Apple::
Well gotta ask, has everyone experiencing issues with this fully updated? Including the newest Apple security update from a few weeks ago?
With slslbs's info it sounds like it is working exactly like tojans that affect pcs which are typically from your computer having old virus definitions and visiting sites full of flash ads.
I know for a fact that many of these even use common antivirus softwares to pass it on. While working for the community college we got a bad one that was being spread by our protection software and they were never able to clean it from the network completely and common sites I visited could just suddenly pop up this type of crap.
Its interesting that the mac users here with issues seem to use norton and/or chrome. Two things I do not and no one else I know with macs use. Other than than these reports and the article above, I've heard and seen nothing.
I've never seen this nonsense on my mac running Chrome.
/just sayin'
http://support.apple.com/kb/ht4650 (http://support.apple.com/kb/ht4650)
Update to remove "in the coming days."
I usually keep my mac updated.
I'll double check the date of last update when I get home.
I know lots of people that use chrome, including people that work in the local Apple store.
Quote from: slslbs on May 25, 2011, 12:24:05 PM
I usually keep my mac updated.
I'll double check the date of last update when I get home.
I know lots of people that use chrome, including people that work in the local Apple store.
Cause all explorers that come with the OS (with the exception on the Chrome OS) SUCK! IE sucks major dick, I never like safari, though it does look nice. But firefox and chrome r00l!
HURRY NOW
go to mycleanpc.com