Mac Malware spreading

Because of gamed SEO placements and poisoned links, some thousands of Mac users were tricked into installing a fake Mac security program.

Mac security vendor writes:

Intego has discovered a rogue anti-malware program called MACDefender, which attacks Macs via SEO poisoning attacks. When a user clicks on a link after performing a search on a search engine such as Google, this takes them to a web site whose page contains JavaScript that automatically downloads a file. In this case, the file downloaded is a compressed ZIP archive, which, if a specific option in a web browser is checked (Open “safe” files after downloading in Safari, for example), will open. The file is decompressed, and the installer it contains launches presenting a user with the following screen:

UPDATE: See Intego’s full security memo with detailed information about the MAC Defender fake antivirus.

PDG Recommends:

Sophos makes a free Mac security program. Read more about it in another post, and use it soon!

Apple will release a cleaner update for it as well. See their recent tech note.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.