Apple has
promised to take care of the Mac Defender malware that has spread across users' computers. But the makers of the original have created a new version that's even more of a threat as it doesn't require a password to install itself.
Intego, the security firm that found the first Mac Defender,
identified the new malware, which, like the previous version tries to trick users into giving up their credit card information by presenting false antivirus software.
After a user visits an infected webpage, the computer automatically downloads a file that runs an installer for a program called MacGuard. The install does not require a username and password. Apple's instructions to prevent the Mac Defender attack asks users not to enter administrative passwords--but they are no longer necessary.
At this point, the false anti-virus software installs, and claims to find malware threats on the Mac, asking users to register. Here, the program then instructs users to give their credit card number to buy the program.
<snip>
The first thing to do is make sure that when seeing a web page that looks like a Finder window, and purports to be scanning your Mac, you know that this is bogus. Leave the page, and quit your web browser. If anything has downloaded, and the Installer application has opened, quit it right away; look in your Downloads folder for the file, then delete it. Next, users should uncheck the "Open 'safe' files after downloading" option in Safari's General preferences.
<snip>
http://www.huffingtonpost.com/2011/05/26/mac-defender-malware_n_867434.htmlHaven't seen this yet, but if anything odd appears says it's scanning my machine, Mac or Windows, I kill it.
Printer-friendly format
Email this thread to a friend
Bookmark this thread
(1000+ posts)
Send PM |
Profile |
Ignore
