Posts Tagged ‘MacDefender Malware’

How to Avoid and Remove the MacDefender Malware

Friday, May 27th, 2011

Recently the MacDefender Malware has created a lot of concerns for Mac users all around the world. Quickly spreading, the MacDefender Malware is a phishing scheme that presents  a message that informs users that their system has been corrupted. The ploy goes on to tell Mac user that the only way to remove the viruses is to utilize the MacDefender app. The MacDefender malware can also appear as MacProtector and MacSecurity. The malware does not infect a user’s machines with viruses or monitor keystrokes. Their sole purpose is to frighten and persuade users to purchase the MacDefender application thus gaining access to the customer’s credit card information.

apple logo

from http://www.Apple.com, May 2011

Mac has estimated that between 60,000 and 125,000 Mac users have already been exposed to this malware. Most users have encountered this problem through poisoned Google images. When users access a poisoned link, a page will launch and display a virus scan. After being transferred to the infected webpage the software begins to download and informs users of an infection. Previously the malware required permission to install but despite the efforts made by Mac a newer version of the malware has been created, which no longer needs the user’s permission. This MacDefender version automatically installs on a machine during the fake scan process.

Mac has yet to take action against the initial malware but has stated they will have a resolution with their next OS X Update. Mac states that they will “deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. Mac however has not addressed the new version of the malware and has also informed their support staff Not to assist users with MacDefender removal. Although the support staff has been instructed not to assist with its removal, Mac has provided the following on how to prevent the malware from installing and how to remove once installed.

Avoiding Installation:

  • If users experience any notification concerning the mentioned security software, immediately exit the browser.
  • If the browser fails to quit, perform a Forced Quit. To perform a force quit go to the Apple menu and choose force quit. Alternatively you can Force Quit by pressing Command+Option+Esc, and then choose unresponsive program followed by clicking force quit.

Removing the Application:

  • In the event that the malware was automatically downloaded and launched, do not enter your administrator password.
  • Do not provide your credit card information.
  • Access your download folder and delete the application.
  • Once the application is deleted make sure that you also permanently delete is in your trash folder.
  • Close the Scan Window.
  • Go to the Utilities folder in the Applications folder and launch Activity Monitor.
  • Choose All Processes from the popup menu in the upper right corner of the window.
  • Under the Process Name column, look for the name of the app and click to select it.
  • Click the Quit Process button in the upper left corner of the window and select Quit.
  • Quit the Activity Monitor application.
  • Open the Applications folder, locate the app again, drag it to the trash, and permanently empty the Trash

In addition to the MacDefender app a login item is also placed in the user’s system preferences which can be removed by opening system preferences, selecting accounts, clicking login items, selecting remove and then clicking the minus button. Although it is not necessary it is advised that users to remove this login item.

Check back later as more details develop to learn more about the MacDefender malware and possible solutions.

Thanks for Reading and Have a Great Day!

Dustin

ComputerFitness.com

Providing Tech Support for Businesses in Maryland