- #HOW TO REMOVE MAC DEFENDER VIRUS MAC OS X#
- #HOW TO REMOVE MAC DEFENDER VIRUS INSTALL#
- #HOW TO REMOVE MAC DEFENDER VIRUS PASSWORD#
- #HOW TO REMOVE MAC DEFENDER VIRUS ZIP#
- #HOW TO REMOVE MAC DEFENDER VIRUS DOWNLOAD#
In Safari, you can disable this feature by clicking the “Safari” menu, then clicking “Preferences,” then uncheck the “Open “safe” files after downloading” checkbox. Disable web browsers from automatically opening “safe” files.
#HOW TO REMOVE MAC DEFENDER VIRUS INSTALL#
If you are unsure, err on the side of caution and don’t install the program without further research.
If a file automatically downloads or an installer randomly appears, be sure to determine if it is legitimate instead of blindly installing it.
#HOW TO REMOVE MAC DEFENDER VIRUS DOWNLOAD#
Download files only from trusted sources and safe sites. When clicking on results from a search engine, be extra vigilant for websites that seem fishy. By sticking with safe, well-known websites, you will be less likely to visit a site that will attempt to infect you with this malware. Instead, SecureMac offers the following simple tips to avoid infection by MAC Defender: Safe Browsing Tips While disabling Java in the web browser was an easy solution to avoid Boonana infections, Javascript is used on a large number of websites, and disabling Javascript will result in a significantly degraded web browsing experience. MAC Defender uses Javascript to display the fake scan webpage and download the installer file, unlike the Boonana malware detected by SecureMac in October 2010, which uses Java as the technology behind infections. If the user decides not to purchase a subscription, the malware will start displaying pornographic websites at random on the infected system. The program immediately starts to “scan” the infected system, alerts the user they are infected with various malware, and prompts them to purchase the program in order to remove the threats. The malware appears as a menu bar item in OS X, but without a Dock icon or any way to exit the program.
#HOW TO REMOVE MAC DEFENDER VIRUS PASSWORD#
Once the user runs the installer (and enters their admin password when prompted), the malware is installed to the Applications folder, sets itself as a login item, and starts to run.
#HOW TO REMOVE MAC DEFENDER VIRUS ZIP#
If the user has their web browser to automatically open ‘safe’ files such as zip archives, the installer for the malware will appear without further user interaction.
#HOW TO REMOVE MAC DEFENDER VIRUS MAC OS X#
The fake scan site checks the web browser settings to determine if the user is running Mac OS X or Microsoft Windows, and then downloads the appropriate installer for the user’s operating system. If the user clicks on various links or buttons on the fake scan webpage rather than closing it immediately, the actual malware will be downloaded to the user’s system. Initial user reports indicate that a wide variety of keywords will show search results containing infected links. The malware, first reported on various discussion boards last week, initially appears in the web browser as a fake anti-virus scan (with graphics from Microsoft Windows) when the user clicks a web link.Īt the time of our initial analysis, the fake scan sites were appearing after the user clicked an infected link in Google image searches. If that doesn’t do enough to convince the user to buy the fake anti-virus program, it will start popping up pornographic websites to create an actual problem on the system. The fake anti-virus program will “detect” nonexistent threats as being present on the user’s system in an effort to persuade them to hand over their credit card information and purchase a “subscription” to the program. The new variant is an updated version of the original malware, rebranded as “Mac Security.” Read MoreĪ new privacy and security threat is targeting computers running Apple’s Mac OS X disguised as an anti-virus program called MAC Defender. UPDATE, May 4th, 2011: SecureMac has discovered a new version of the previously identified MAC Defender malware.
The new variant, just like the previous identified “Mac Security” version, is an updated version of the original malware, rebranded as “Mac Protector.” UPDATE, May 9th, 2011: SecureMac has discovered a new version of the previously identified MAC Defender malware. This Security Bulletin will be updated if the threat changes. MAC Defender Rogue Anti-Virus Analysis and Removal SecureMac Security Bulletinĭue to the easy removal of the currently identified variant of this malware, SecureMac rates this threat as low.