Mac Malware “MACDefender” Unleashed

Mac Malware “MACDefender” Unleashed

There is a malware exploit called MACDefender that is currently targeting Mac workstations.

It poses as AntiVirus software, claiming that you have a virus and the only wait to remove it is to provide your credit card information. It exploits Safari’s preference to open “Safe” files after downloading.

You can read more about it here:
http://www.tuaw.com/2011/05/02/macdefender-malware-targeting-mac-users/

How to protect yourself:
ArcSource recommends turning off Safari’s auto-open feature:
1 – Launch Safari.
2 – Select Preferences > General from the Safari menu.
3 – Uncheck the “Open ‘safe’ files after downloading” box:
Safari Preferences - Do not open safe files

Many Mac exploits will prompt you to type in your administrator password to install software. If your account does not have administrative privileges on your computer, you’re safer. If you do have admin rights:
1 – Never install any apps unless you are absolutely sure of where they’re coming from and what they are.
2 – If an installer appears on your screen and you’re not sure how it got there, don’t let it install the software.
3 – When in doubt, let ArcSource install software (and software updates) for you.

If you have already installed the MacDefender malware, or you’d like to know what it looks like, here is more information, including instructions to easily remove it: http://www.tuaw.com/2011/05/19/macdefender-malware-protection-and-removal-guide/

ArcSource’s policy remains that most Mac users do not need AntiVirus software. This recent Wired article does a good job explaining some of our thoughts on why Mac users do or do not need malware protection: http://www.wired.com/gadgetlab/2011/05/mac-malware/

If you have any questions, feel free to contact us.

Aaron Marks applies his 80/20 rule to IT support: 80% people skills and 20% computer ninja magic.