Apple Updates XProtect Malware Definitions for Latest MacDefender Variant

Posted on June 2nd, 2011 by

Following the appearance of a new variant of the MacDefender fake antivirus, Apple has issued an update to its Xprotect malware definitions. This update detects this new variant, and alerts users to the presence of the new variant, which Apple calls OSX.MacDefender.C.

The cat and mouse game has begun. We will be following this closely, and testing all new variants as they appear. The people behind this malware have shown that they can react very quickly, and Apple has reacted rapidly as well.

Note that Intego VirusBarrier X6, with its current threat filters, already detected this variant without the need for an update, because of the multiple techniques it uses to detect malware. In addition, VirusBarrier X6 can detect malware downloaded via any application, while Apple’s XProtect system only functions with files downloaded by certain programs, notably Apple software such as Safari, Mail and iChat.