Within hours of Apple releasing a security update designed to protect Mac OS X users from the MacDefender trojan horse application, a variant that sidesteps the company’s efforts hit the Web. The new variant, dubbed mdinstall.pkg, handles the MacDefender installation process, according to security research company Intego.
MacDefender tricks users into giving up credit card info
“The latest version comes in an installer package named mdinstall.pkg, and installs an application named MacGuard, which is the latest name that has been used for this malware,” the company said.
MacDefender, and it’s variants MacProtect, MacSecurity and MacGuard, pose as antivirus protection applications that, once installed, make it appear as if user’s Macs are infected with malware. The applications then prompt users to provide a credit card number to remove the viruses as a ruse to collect bank account information.
Apple released Security Update 2011-003 on Tuesday to protect Mac OS X 10.6 users from the malware threat. The identification database the update relies on, however, doesn’t recognize the signature the just released MacDefender installer.
The security update Apple released yesterday checks for malware definition updates daily, so it’s possible an updated threat database could be on the way soon.
Apple hasn’t commented on how quickly it plans to release a security update to address the new MacDefender variant.