The old saw that Macs don't get viruses is under fire as a piece of malware called Mac Defender is rampaging across the Web. Claiming to be antivirus software, Mac Defender and its variants pretend to clean up your computer -- but all they're after is your cash.
Mac Defender is fake antivirus software that dupes Mac owners into handing over their credit card details. It's the first time these tactics have been employed to attack Macs, according to Intego, the Web security firm that identified the malware -- attacks of this kind usually deliver dodgy Windows programs.
Mac Defender looks like a well-designed, real piece of software, fooling users into installing it. Once it's on your Mac it starts opening porn sites to make you think you have a virus, and informs you of nasty spyware where in fact there isn't any.
If you enter your credit card details and pay for a subscription, the software stops with the porn, making you think it's defeated the non-existent virus. The cunning rascal! Basically it's like that bit in The Lion King 2 where Kovu's pride put Kiara in danger so Kovu can manufacture a brave rescue. Yes, it's exactly like that.
There are a number of other variations on the malware, including versions called Mac Security and Mac Protector.
These scareware programs are spread through SEO (search engine optimisation) poisoning sites, which use SEO tricks to push websites to the top of search results. Those sites pop up warnings that a virus has been detected and automatically downloads the sketchy software.
To avoid being stung by Mac Defender and the like, make sure you only download software from trusted sources, and never continue with installation if software starts trying to install itself. Intego also recommends unticking your browser's option to open files after downloading.
If you have been tricked into installing Mac Defender or one of its evil clones, you should be able to remove it by deleting the app from the Applications folder. If it tries to stop you, open up Activity Monitor -- search in Finder if you don't know how to find it -- and you'll see all the processes your Mac is carrying out. Click on Mac Defender and hit the big red Quit Process button at the top. Then delete the app.
Have you been stung by Mac Defender? Let us know in the comments. With hackers finally cottoning on to Apple users, is this the beginning of the end for the legendary virus-free Mac?
Android App 
RSS Feeds 
iPhone App 
Newsletters 
Comments 13
Add your comment
Anonymous 19 May, 2011 15:55
To quit Mac Defender just press Apple(cmd) + Alt + Esc and click force quit. It's not really a destructive virus, or a virus at all, it's just a trick programme. It won't add anything malicious to your library folder.
skapete 19 May, 2011 16:52
Bring on the viruses! One less reason for Apple fans to be so smug.
henry-james.org 19 May, 2011 18:59
I removed MacDefender from an infected iMac this morning, it took a while, but was not overtly complicated.
Anonymous 19 May, 2011 20:22
what a pleasure to read this article, finally the poison has started spreading. Funny enough, the apple logo has a chunk cut off...kinda brings this feeling that someday, some1 is gonna break through its virus free reputation
Andyt95 19 May, 2011 21:10
...and I'm sitting here, giddy, on linux, watching intently as you all suffer >:D
Anonymous 20 May, 2011 03:30
So, don't install it!
It's not a virus.
It's a Trojan - named after the wooden horse. They opened the gates and let the wooden horse in with its load of "Navy Seals."
Nothing scary about this at all, just don't let it in. Don't install it.
Viruses and Malware are a Windows thing. Linux and Mac users need have no fear.
haxorqueen 20 May, 2011 10:05
So basically its a virus that you need to install yourself and hand over credit card details to the virus yourself manually. This is the kind of stuff only incredibly gullible or very non tech savy people would fall for.
Anonymous 20 May, 2011 11:20
If you are stupid enough to fall for such a trick, you do not deserve a MAC. Go back to window...
OSX is still very safe to use.
Anonymous 20 May, 2011 12:21
I quickly realised this was rubbish and got rid smartly
Anonymous 23 May, 2011 18:44
Here's where the value of layered security comes in. A little bit of smarts (or healthy questioning of why you're being asked for permission to install software) would stop this but also having a siteadvisor type of function in your browser or DNS (I like opendns.com) would probably stop you before it let you even open one of the sites containing this 'payload.'
Anonymous 25 May, 2011 18:01
My neice's macbook was infected on May 6, and it took me a while to find someone who had already removed the malware. Nice of Apple to finally admit it's out there. BTW, first time I've had to touch an Apple product to remove something like this, I work in an IT dept. and we fight the Windows crap everyday, just for perspective.
Anonymous 27 May, 2011 12:21
I was searching ''google images'' for ''ghost photographs'' and I well remember the pic that directed me to the ''dodgy site''. i was not able to shut the page down, and I thought it looked cheap and tacky, but as I am a new Mac user, I was fooled into pressing what looked like a ''software update'' I was then able to shut the site down. Next day, I went to the apple shop, [May 2nd] but they said it was nothing to worry about.
I asked if they would check, but they said it was not a problem.
when the ''mac defender scam hit the news, I checked my downloads, and sure enough , the bloody ''Macdefender'' was there-and apple really did not want to be of much help, to my utter dismay. in the end, I decided to go to the store to get them to wipe my computer and start again, as there is so little stuff on there.
Luckily, they found that I had not installed the wretched thing, and got rid of it.
Had they warned me of such things, and i did ask numerous times about safety when buying, I would have been aware. I have now unchecked the ''download ''safe'' files box, and put on the firewall.
Was very worrying, especially asI felt abandoned by Apple when i asked for help.I would never, ever give a password or credit card to anyone, especially over the net.
Fraybentos 16 June, 2011 15:55
I support a whole bunch of MAC users and Id say a quarter have been stupid enough to install it. But I agree with skapete, anything to make them less smug is good.