Video of Mac Defender Malware Installation

I haven't been paying THAT close attention to this story, but I didn't realize that you had to be completely naive and gullible (no offense to any reading this that fell for it) to get nailed. I thought it happened more in the background. It looks like you pretty much have to open up the door to your computer and invite the hacker in and offer him or her a beer.

Am I understanding this right? You have to fairly pro-actively install this on your computer, it doesn't happen behind the scenes like Microshaft products do?

I would be EXTREMELY LIVID if Apple arbitrarily decided to close all of my Safari windows simply because I randomly encountered a stupid hack social engineering trojan. (FYI, at this particular instant I have over 50 active web page tabs open in 14 Safari windows and this has been a slow night.)

Well I guess closing all windows would be a bit extreme, but they could make use of Apples sandboxing technology and close just the tab that the download started in. That sounds a bit more reasonable, no?

To think, everyone freaked out over this. This has been going on for a few years now, and each time a news article pops up about it, the "Macs better watch out now!", "the Macs aren't so safe now!", "Look who's got viruses now!". It's a bunch of hype. :p

Quite amusing and annoying at the same time.

Move along folks, this ain't nothing new yet.

I haven't been paying THAT close attention to this story, but I didn't realize that you had to be completely naive and gullible (no offense to any reading this that fell for it) to get nailed. I thought it happened more in the background. It looks like you pretty much have to open up the door to your computer and invite the hacker in and offer him or her a beer.

Am I understanding this right? You have to fairly pro-actively install this on your computer, it doesn't happen behind the scenes like Microshaft products do?

Yes, you're understanding it right. As is the case with 100% of all Mac OS X malware that exists in the wild (which is only a handful of trojans), nothing can infect your Mac unless you deliberately, intentionally, actively install it.

Good thing I use Firefox :)

That makes no difference, since this lame threat is not browser-specific.

OS X systems rarely have anti-viruses installed on them, and the Mac Defender was able to slip through OS X's rather dire malware detecting system and infect systems.

Antivirus software isn't required to defeat this threat. It can be easily thwarted by an informed, careful user.

I know OS X cannot get a true virus,

False. Mac OS X is not immune to viruses. There just aren't any in the wild.

Wow, you have to hit INSTALL to get infected? From how it was reported, it sounded like it was some sort of automatic thing. Sure, it doesn't require a password to install, but after seeing this I'd say you really DO need to be an idiot to install this.

This is the case with all malware that exists in the wild. None of it can affect Mac OS X unless the user actively installs it.

Good thing I use Firefox :)

Why do people think that Firefox is immune to this? It is not.

The flaw is in the user.

Whether using Safari or Firefox, flawed users can easily install the MacDefender malware.

Wow, you have to hit INSTALL to get infected? From how it was reported, it sounded like it was some sort of automatic thing. Sure, it doesn't require a password to install, but after seeing this I'd say you really DO need to be an idiot to install this.

This isn't a virus or anything close to it, it's much more like a phishing email where the user is foolish enough to hand over the keys. It's great that Apple is putting in protection for this, but these sorts of threats will always be around and the solution is for people to have the common sense to not click INSTALL on an app that they didn't ask to download and that they've never heard of.

Honestly, seeing this video makes me feel like macs are MORE secure.

Although Apple could make the warning/remove interface less confusing. I'd almost say they should just block it automatically instead of giving the user a choice, and block the website as well.