Warning about "Mac Defender" malware

gkpm

Prominent Member
Hi everyone,

Haven't seen a thread about this here yet so thought I'd better give a heads up to other fellow Mac users about the "MacDefender" malware that some are being conned into installing.

Search engines (at least Google) have been manipulated to highly rank (so they appear first) results containing links to fake websites, which when accessed will show a window saying that viruses or trojans have been found on your Mac system. The window is similar to this one:

https://dl.dropbox.com/u/1220621/fakemacav.jpg

Note from the heading that this is still the web browser, not a real app. But very cleverly disguised. The app comes in various names such as "Mac Defender," "Mac Security," and "Mac Protector". The website then proceeds to download a real app, which the browser then may ask (depending on settings) if the user wants to open.

If people do run the app they then get this screen:

http://static.arstechnica.net/assets/2011/05/mac-defender-alert-intego-thumb-640xauto-21519.jpg

claiming to have found many viruses and asking for a credit card to purchase this fake "protection". If the user doesn't pay (AND PLEASE DON'T, YOUR CREDIT CARD MAY BE COMPROMISED), Mac Defender starts displaying random porn.

*** WHAT TO DO IF THIS ALREADY HAPPENED TO YOU ***

Force-quit Mac Defender via Activity Monitor, remove it from Login Items in System Preferences, drag the app out of your Applications folder to the Trash, and restart.

But fingers crossed you haven't fallen for this. Never ever open applications that you didn't explicitly tell the web browser to download.

More details here: http://www.macuser.co.uk/4924-mac-security-trojan-mac-defender-storm-teacup
 
Last edited:
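
As an added example (not part of the original post), a shell check to go with the removal steps above: it lists application bundles whose names match the three product names the post mentions. The exact bundle file names and the directories scanned are assumptions, since the post gives neither, so a match is a candidate to inspect rather than proof.

```shell
#!/bin/sh
# Added example: list .app bundles whose name matches one of the rogue
# product names mentioned in the post ("Mac Defender", "Mac Security",
# "Mac Protector"). Matching ignores case, spaces, hyphens and underscores,
# because the exact bundle names on disk are an assumption.

ROGUE_NAMES="macdefender macsecurity macprotector"

# normalize NAME: lowercase, drop a trailing ".app", strip spaces/_/-
normalize() {
    printf '%s' "$1" | tr '[:upper:]' '[:lower:]' \
        | sed -e 's/\.app$//' -e 's/[ _-]//g'
}

# find_rogue_apps DIR...: print one matching bundle path per line
find_rogue_apps() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue             # skip directories that do not exist
        for bundle in "$dir"/*.app; do
            [ -d "$bundle" ] || continue      # skips unmatched globs and plain files
            name=$(normalize "$(basename "$bundle")")
            for rogue in $ROGUE_NAMES; do
                if [ "$name" = "$rogue" ]; then
                    printf '%s\n' "$bundle"
                fi
            done
        done
    done
}

# Directories below are assumptions about where a downloaded app may sit.
find_rogue_apps /Applications "$HOME/Applications" "$HOME/Downloads"
```

Anything it prints still has to be quit, removed from Login Items and trashed as the post describes; the script only locates candidates.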

dc8900

Distinguished Member
I saw this annoying little thing when salon.com (an American news site, not some hairstyle tip place ;) ) was compromised earlier this week. Does clearly look fake and does suggest that with increased market share, malware writers are turning to target Mac. Still I reckon all but the most naive user will manage to not be duped.
 

RobM

Distinguished Member
Still I reckon all but the most naive user will manage to not be duped.

You're absolutely right. But they tend to make up quite a significant chunk of the user base of any OS.

Fortunately Macs don't ever get anything like this, no Malware, Trojans, nothing... so we have nothing to worry about. Right...?
 

MartinPickering

Prominent Member
Fortunately Macs don't ever get anything like this, no Malware, Trojans, nothing... so we have nothing to worry about. Right...?

It's completely harmless until you type in your password and install it. Thus, it will affect only those Mac users who:

1. Believe that viruses exist for OSX and therefore
2. Allow the software to download and then
3. Manually install the software by typing their admin password.

Unfortunately, as you say, there's a number of uninformed people out there who are likely to do this. Let's just hope they aren't also dumb enough to type in their credit card details.

There really ought to be a "driving test" for computer users - especially those like my wife who... "just want to use the darn thing! Why do I need to understand how it works?"

This is why.
 

gkpm

Prominent Member
That was late 80's early 90's and it was mainly a boot sector virus.

I do feel sorry for the poor bloke who looks after the "MacDefender" site. His site must be getting hammered with traffic.

You're absolutely right, Stoned was an MBR sector virus so affected all PCs, MS-DOS or not (but was there anything else to run on PCs at that time?). My first real DOS virus was Jerusalem :)

I've lost count of how many viruses I've had on the PC, even made one of my own at some point (but never spread it). None on the Mac so far (or Linux which I'm using too)

Yep, MacDefender was a real unfortunate choice of name for the guy, he even sells Mac software.
 

RobM

Distinguished Member
I was indeed being sarcastic, thinking back to conversations here where our fellow Apple users actively encouraged people to ignore anti-virus protection because things like this have never existed and will never exist :)

Intrusions like this will become more and more common, as they have been over the last year or two, as market share increases. It's nothing to start panicking about, but it's certainly something to consider and proactively try and avoid. Fortunately that's very simple, with free, lightweight AV software around and a really good dose of common sense.

Discussion about it is good though, as it raises awareness.
 

MartinPickering

Prominent Member
thinking back to conversations here where our fellow Apple users actively encouraged people to ignore anti-virus protection because things like this have never existed and will never exist :)

I have warned people continually that there are no OSX viruses. Unfortunately, others have convinced some Mac users that there ARE OSX viruses. Consequently, when they see what they perceive to be viruses in action, they are encouraged to click the button which downloads the trojan. If, in their mistaken belief in viruses, they then go on to install the software, AND divulge their credit card details, disaster strikes. (There's a lot of IFs there!)

If people would take the trouble to understand the difference between virus and trojan, they wouldn't be so easily fooled. So I URGE people to stop discussing OSX "viruses" and "AV software" and refer to the trojan as a trojan - something designed to fool you into installing it. If people understood the REAL (minimal) risk, they wouldn't panic and do the wrong thing.

There is currently nothing that can install itself in MacOSX. Maybe somebody will succeed in producing an OSX virus in the future but, if that does happen it will be well publicised. Right now there is NOTHING except a couple of trojans that are designed to fool the ignorant or misinformed.

Compare that with the HUNDREDS (maybe even thousands) of viruses, trojans and key-loggers that exist (and are active) for Windows and you will see this perceived OSX "risk" in perspective. It is non-existent unless you are really, really doubly stupid. It is nothing more than a minor irritation.

I'm interested to see how "AT" (Anti-Trojan) software will prevent idiots from installing trojans. They already get system warnings - "this software was downloaded etc." - and choose to ignore it. Will "AT" software fill the screen with YOU ARE AN IDIOT in big red letters?
 
Last edited:

andy1249

Distinguished Member
There is an identical scam going on with PCs at the moment. Here's the thing though: most of the anti-virus or anti-malware programs out there cannot detect this. The latest variants are very sophisticated and avoid detection by almost all the major anti-virus/malware programs.

Google

Surprised to see it on a Mac, but these guys are seriously sophisticated. I wouldn't be surprised if it shows up on one of the popular Linux distros soon enough.

I'm interested to see how "AT" (Anti-Trojan) software will prevent idiots from installing trojans. They already get system warnings - "this software was downloaded etc." - and choose to ignore it. Will "AT" software fill the screen with YOU ARE AN IDIOT in big red letters?

Isn't it one of Apple's big selling points that a Mac is good for the non-technical user? That it just works etc. etc. .... therefore the Mac platform in my opinion is a prime target for this type of scam as its user base is less tech savvy than most PC users, less wary of virii/malware, and therefore more likely to fall for the scam.

You shouldn't assume that all users have the same tech knowledge as yourself, and you shouldn't assume that all users are idiots either.
Warn, inform, but don't insult!
 
Last edited:

dc8900

Distinguished Member
What's recommended Rob? I was thinking of trying AVG's linkscanner... I've nothing installed at the moment...

Quite a few members (myself included) use Sophos Anti-Virus for Mac which I would very much recommend :thumbsup:
 

MartinPickering

Prominent Member
But first you have to download it?

What is really needed is something that detects the bad page and closes down the browser window automatically, so a person doesn't have to go through the "fear routine" of watching the animations and of being presented with buttons to click. Does that exist?
 

The Quiz Master

Standard Member
It is pointless having a virus scanner on a mac as there is no requirement for one.

As has been previously stated it is the naive computer users who just happen to have a Mac that have been tricked by this.

I have been a mac user for the past 4 years now and not once have I needed to concern myself about getting infected by viruses.

Of course no matter what computer platform you use you can still fall foul of fake websites/emails that ask you for bank details, PayPal passwords etc but again it is the naive user who is dumb enough to fall for these things.

You then have the argument from some fellow Mac users about the need to still have a virus scanner of some sort on a Mac so as to not infect people who use a PC.

Well that is the PC user's problem to sort out.

I think these said Mac users use the above arguments as a means of trying to justify their cause.

The main thing for Apple to do is keep their computer prices high so that your average Joe is unable to wreak havoc on their products.
 

anorax25

Established Member
A pal of mine had this come up on his Macbook and he called me for advice. He didn't actively download it! It was installed automatically because he had the "Safe" box ticked on Safari Preferences/General.
 

The Quiz Master

Standard Member
You may want to use one as a courtesy to your Windows using friends, as I do.

You then have the argument from some fellow Mac users about the need to still have a virus scanner of some sort on a Mac so as to not infect people who use a PC

Well that is the PC user's problem to sort out


As stated in my previous post.
 

MartinPickering

Prominent Member
A pal of mine had this come up on his Macbook and he called me for advice. He didn't actively download it! It was installed automatically because he had the "Safe" box ticked on Safari Preferences/General.

Not possible. He would have to click something to initiate the download. And even with Safari set to open downloaded files automatically (inadvisable and well-publicised) he would STILL have had to ignore the pop-up warning (click OK), type his admin password and click "Install". Nothing can install automatically.
 
Last edited:

spudtator

Prominent Member
You then have the argument from some fellow Mac users about the need to still have a virus scanner of some sort on a Mac so as to not infect people who use a PC

Well that is the PC user's problem to sort out


As stated in my previous post.

As I said, it's a courtesy to my friends that costs me nothing and involves no effort. As a courtesy, I also keep an eye on my neighbours' houses when they are away on holiday. Again, this costs nothing.
I regularly visit friends and de-virus their Windows machines. The fewer I have to do, the better. Hence AV on my Mac and possibly helping out my friends.
 

The Quiz Master

Standard Member
As I said, it's a courtesy to my friends that costs me nothing and involves no effort. As a courtesy, I also keep an eye on my neighbours' houses when they are away on holiday. Again, this costs nothing.
I regularly visit friends and de-virus their Windows machines. The fewer I have to do, the better. Hence AV on my Mac and possibly helping out my friends.

There is nothing wrong with helping out your friends and if this is the only reason why you have AV on your mac then fine.

On the other hand though, would you still have AV on your Mac for other PC users who are not your friends?
 
