MAC Defender

21 May 2011

There is currently a form of malware (if you can call it that) for the Mac circulating, called MAC Defender. Ars Technica has a report about its affects, which, so far, are both interesting and alarming. Interesting in that the malware is actually posing as malware protection for the Mac. And alarming because, despite the Mac security model of requiring an admin password, MAC Defender is actually shaping up to be a pretty big problem with casual users. Ars quotes an Apple Store Genius:

The beauty of Mac OS X is its security model. That people blindly enter a password is going to be the undoing of it.

It’s not a big deal if you’re a smart and safe Mac user. You should rarely have to enter your admin password to install any software anyway, so when you’re prompted, you should always be 100% sure of the software’s origin and purpose.

What you need to know/do:

  1. Do not install anything that requires your password without being absolutely sure of its origins. (This is Rule #1 for protection anyway.)
  2. Do not believe any on-screen reports that your Mac has been “infected”.
  3. Uncheck the “Open ‘Safe’ Files” preference in Safari

If by chance you’ve actually fallen prey to this thing, visit TUAW’s guide for removing MAC Defender.