Results 1 to 11 of 11
  1. #1

    OneMoreThing...'s Avatar
    Member Since
    Mar 30, 2005
    Posts
    2,718
    Post MacDefender malware targeting Mac users
    MacDefender malware targeting Mac users


    Mac owners usually have little to worry about in terms of computer viruses and spyware, but a new malware attack seems to be causing issues for some users.

    According to a report on The Next Web, a specialized malware attack targeting Mac users is making the rounds. Users seem to be targeted as they are browsing Google Images, with one victim reporting that he suddenly received a message stating that his machine had been infected with viruses that only a "MacDefender" application could remove. There is a MacDefender website that highlights a few shareware apps that a dedicated geocacher has written, and the site's owner is warning people to not download the malware app.

    The malware appears to be targeting Safari. The browser can be configured so that it will automatically open trusted software, and that appears to be the route of attack that's being used. While the MacDefender malware isn't infecting Macs with a virus or running a keylogger in the background, the author seems to be trying to scare users into providing credit card information by buying the software.

    The Next Web provided some useful hints on how to protect yourself from the malware and to remove the pesky app if it is downloaded onto your Mac. If you aren't seeing MacDefender in your Applications folder, you can protect yourself from possible infiltration by unchecking the "Open 'safe' files after downloading" box at the bottom of Safari > Preferences > General (see the area outlined in red in the image above).

    If MacDefender is already on your Mac, check out the next page for tips on how to remove it.

    Continue reading MacDefender malware targeting Mac users

    MacDefender malware targeting Mac users originally appeared on TUAW on Mon, 02 May 2011 13:00:00 EST. Please see our terms for use of feeds.




    Source*|*Permalink*|*Email this*|*Comments
    Read more

  2. #2

    thekilierdonut's Avatar
    Member Since
    Feb 21, 2011
    Location
    Columbia, SC
    Posts
    71
    Specs:
    2.5GHz i5 MBP, 4GB RAM, 500GB HD, NVIDIA Geforce GT 330m/16GB iPhone 4 in a brick sized otterbox.
    It can pop up on Firefox as well - tried to force a download on me yesterday while browsing Google images.
    Mid 2010 MBP 2.53 GHz i5, 4GB RAM || iPhone 4 16 GB iOS 4.3 (not jailbroken) || Amazon Kindle (graphite display) || HP Netbook running Win7 or Ubuntu || Various iPods
    *Macintosh, MACintosh, or M.A.C.intosh. Which one looks correct? *

  3. #3

    Doug b's Avatar
    Member Since
    Jun 22, 2008
    Location
    Forest Hills, NYC
    Posts
    3,343
    Specs:
    15-inch Early 2008; Processor 2.4 GHz Intel Core 2 Duo; Memory 4 GB 667 MHz DDR2 SDRAM; 10.7.5
    I'm surprised this hasn't cropped up sooner. Safari has always had this hole I think. This technique wouldn't fool experienced users, but surely is a threat to the less savvy and computer illiterate out there. I think it would be wise for Apple to take a bit of control here, and at the very least, reverse the default option so that anything perceived as "friendly" isn't downloaded without warning or consent. At least...

    Doug

  4. #4


    Member Since
    Oct 24, 2010
    Posts
    20
    This happened to my brothers macbook pro yesterday.

  5. #5

    cwa107's Avatar
    Member Since
    Dec 20, 2006
    Location
    Lake Mary, Florida
    Posts
    26,947
    Specs:
    15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD
    Quote Originally Posted by thekilierdonut View Post
    It can pop up on Firefox as well - tried to force a download on me yesterday while browsing Google images.
    Ah, but did it execute? Because on Safari (with the aforementioned setting turned on), it will. Downloading is one thing, but actually running and showing up for the user out of the blue, is quite another.
    Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!

    https://youtu.be/KHZ8ek-6ccc

  6. #6

    thekilierdonut's Avatar
    Member Since
    Feb 21, 2011
    Location
    Columbia, SC
    Posts
    71
    Specs:
    2.5GHz i5 MBP, 4GB RAM, 500GB HD, NVIDIA Geforce GT 330m/16GB iPhone 4 in a brick sized otterbox.
    Quote Originally Posted by cwa107 View Post
    Ah, but did it execute? Because on Safari (with the aforementioned setting turned on), it will. Downloading is one thing, but actually running and showing up for the user out of the blue, is quite another.
    No - does not execute in Firefox. I just did a cursory check of my computer to make sure nothing ugly got installed (old Windows habit...) and then went on about my business
    Mid 2010 MBP 2.53 GHz i5, 4GB RAM || iPhone 4 16 GB iOS 4.3 (not jailbroken) || Amazon Kindle (graphite display) || HP Netbook running Win7 or Ubuntu || Various iPods
    *Macintosh, MACintosh, or M.A.C.intosh. Which one looks correct? *

  7. #7

    Randy B. Singer's Avatar
    Member Since
    Feb 01, 2011
    Location
    Sacramento, California
    Posts
    825
    More information about MacDefender here:

    MacDefender malware targeting Mac users

    The Mac Security Blog Intego Security Memo

    New 'MACDefender' Malware Threat for Mac OS X - Mac Rumors

    It's important to understand that MacDefender does not install spyware, it is not a virus, and it does not damage your Macintosh in any way.

    Basically all that it does is encourage you to purchase non-existent anti-virus software, and in that way the sociopaths who wrote the program harvest your credit card data.

    Though MacDefender can automatically download itself from the Web to your Mac, and the Installer for MacDefender can automatically launch, it still can't install itself without you giving it your administrator password. So...don't give any software installer program your administrator password unless you intended to install something and you know exactly what it is.
    Randy B. Singer

    Mac OS X Routine Maintenance http://www.macattorney.com/ts.html

  8. #8

    cwa107's Avatar
    Member Since
    Dec 20, 2006
    Location
    Lake Mary, Florida
    Posts
    26,947
    Specs:
    15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD
    Quote Originally Posted by Randy B. Singer View Post
    Though MacDefender can automatically download itself from the Web to your Mac, and the Installer for MacDefender can automatically launch, it still can't install itself without you giving it your administrator password. So...don't give any software installer program your administrator password unless you intended to install something and you know exactly what it is.
    This one doesn't require an admin password, or so our users are telling us. That would limit its effects to the scope of the user's account, but it's still troubling as even that (very good) advice wouldn't have prevented the installation of this one.

    EDIT: Never mind. Just saw this thing in action, and indeed it does require an admin password to complete the install. Perhaps the user misinterpreted what I was asking them.
    Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!

    https://youtu.be/KHZ8ek-6ccc

  9. #9

    Chris H.'s Avatar
    Member Since
    Oct 03, 2009
    Location
    Albuquerque, New Mexico
    Posts
    2,641
    Haven't seen it yet. I hope I never do (then again, I don't have a credit card so what does it matter?)
     iPad Air 2 - iOS 9.3
     iPhone 6 64GB - iOS 9.3
     Mac mini early 2009 - OS X El Capitan 10.11.4
     MacBook unibody/white late 2009 - OS X El Capitan 10.11.4

  10. #10


    Member Since
    Jan 14, 2011
    Posts
    1
    This happened to me today. Hope I got rid of it.

  11. #11

    Chris H.'s Avatar
    Member Since
    Oct 03, 2009
    Location
    Albuquerque, New Mexico
    Posts
    2,641
    Quote Originally Posted by Cheesehead7 View Post
    This happened to me today. Hope I got rid of it.

    Well, did you seek and destroy?
     iPad Air 2 - iOS 9.3
     iPhone 6 64GB - iOS 9.3
     Mac mini early 2009 - OS X El Capitan 10.11.4
     MacBook unibody/white late 2009 - OS X El Capitan 10.11.4

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Malware via Facebook ... does this affect Mac users ... ?
    By Maclady2012 in forum Internet, Networking, and Wireless
    Replies: 1
    Last Post: 02-06-2012, 04:35 PM
  2. Firm Behind MacDefender Malware Likely Busted in Russian Raid
    By OneMoreThing... in forum Apple Rumors and Reports
    Replies: 3
    Last Post: 08-05-2011, 01:56 PM
  3. Upcoming MacDefender patch is not the first AV tweak to Mac OS X
    By OneMoreThing... in forum Apple Rumors and Reports
    Replies: 2
    Last Post: 05-26-2011, 11:38 AM
  4. MacDefender malware protection and removal guide
    By OneMoreThing... in forum Apple Rumors and Reports
    Replies: 0
    Last Post: 05-19-2011, 12:54 PM
  5. Malware for Windows users Who Own iPads
    By MYmacROX in forum iPad Hardware and Accessories
    Replies: 1
    Last Post: 04-27-2010, 04:39 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •