May 252011

Apple posted this article regarding:

A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus. The user is then offered Mac Defender “anti-virus” software to solve the issue.

And MacWorld writes:

Online crime falls mostly into four categories: [1] self-spreading malware (like viruses); [2] malware that attacks vulnerable Web browsers when you visit a site (drive-by attacks); [3] malware that tricks you into installing it (like Mac Defender); and [4] online scams and Web attacks that don’t hack your computer (eBay scams, phishing, search-result poisoning, and so on). Macs are still unlikely to see the first or fully-automated versions of the second. Mac users have always faced the fourth. But as our numbers grow, it’s only natural we will see more of the third.

Also, MacWorld notes, “Intego on Wednesday warned Mac users that a new variant of the Mac Defender Trojan horse doesn’t require that you provide an administrator password during the installation process.”

  2 Responses to “How to avoid or remove Mac Defender malware”

  1. Sophos lists MacDefender (and aliases) as “OSX/FakeAV-A” in category Viruses and Spyware and type Malicious behavior.

  2. A new PC World article “Everything You Need to Know About Mac Scareware” discusses how this scam works, including a demonstration video by Intego, and how to avoid being duped.

    “The group behind MacDefender entices victims to malicious sites, where a Web page that looks like the Mac Finder appears, runs a phony virus scan, then claims that the machine is infected with dozens of Trojans. When the unsuspecting user clicks the “OK” button, MacDefender downloads to the Mac.”

Sorry, the comment form is closed at this time.