MAAS History
Disclaimer
exocrine exocrine

All information Provided as is.

Wednesday
Jun012011

Condition Remains GREEN

There have been various Facebook viral videos which are directing users to download sites related to MacDefender malware, mainly MacGuard variant. Facebook has finally taken down the sites.

We recommend the following:

  • Block 77.79.11.0/24 and 77.79.12.0/24
  • Make sure that you have updated your Mac and have installed the latest security update.
  • Criminals always use what works until it doesn't so expect them to alter the installation process.
  • Do not get wrapped up in hype, this malware is now in a controlled state. 
  • Do not install software if you did not go looking for it. 
  • Consider using a Anti-Virus product. 
  • If you install any version of MacDefender do not panic, use this script to remove it

 

Tuesday
May312011

Condition Remains GREEN

Apple has released update Apple-SA-2011-05-31-1 Security Update 2011-003 to address MacDefender.

  • File Quarantine now has a definition for OSX.MacDefender.A and OSX.MacDefender.B
  • File Quarantine will check daily for updates to File Quarantine malware definition list in System Preferences>Security>General.
  • Malware removal will search out various forms of MacDefender during the update process and remove them.
  • It will indicate to the user that the Fake AV was found and removed.
  • Malware removal will only occur during install, it is not a anti-virus solution.