Mac OS X Malware Threat: MACDefender

A new malware threat has been announced for users of Mac OS X, according to antivirus company, Intego. Two important points about this story need to be noted:

  1. The “threat” is being announced by a firm that supplies antivirus software. Antivirus software firms sell products based on the fear that consumers have. Such companies have been caught in the past not only exaggerating fears, but even creating malware themselves.
  2. Once again, the only way for this malware to cause problems for your computer, you must be running in an administrator account, not a basic user account. On Mac OS X, best practices recommend that administrator accounts not be used for day-to-day activities.

When a user clicks on a link after performing a search on a search engine such as Google, this takes them to a web site whose page contains JavaScript that automatically downloads a file. In this case, the file downloaded is a compressed ZIP archive, which, if a specific option in a web browser is checked (Open “safe” files after downloading in Safari, for example), will open.

More information is available in Apple’s support communities (1, 2), where users report that the malware is popping up directly in Google image searches.
Users running administrator accounts and with the Safari option to open “safe” files automatically checked appear to be most at risk, with some claiming that no notification of installation was seen or password required. Only when a screen popped up asking for a credit card number to sign up for virus protection did they realize that malware had been installed on their systems.

Categories Innovation and TechnologyTags , , , , ,
search previous next tag category expand menu location phone mail time cart zoom edit close