Article: Mac Malware and You

by on May 11, 2011

Last week, a new threat to the security of Mac users popped up, MacDefender, a rather legitimate-looking piece of software actually harms your computer instead or protecting it. Is the age of innocence over for Mac OS X users? Not really.

Unlike the traditional computer virus, MacDefender is actually a Trojan horse. That is, you must give the okay for it to run or install, even though letting Safari or other browsers deal with downloads gets you about halfway there:

The malicious Mac app is called MacDefender, and according to Intego, it hides within Web pages that use search engine optimization to spam the results of popular searches. Infected Websites show a fake animation of a malware scan in Windows, followed by a pop-up telling users that their computer is infected. JavaScript on the page then automatically downloads a compressed ZIP file containing the malware.

The MacDefender malware looks real.For Safari users who’ve checked the “open ‘safe’ files after downloading” option within the browser’s settings, the MacDefender malware installation begins automatically. Otherwise, the user must open the ZIP file and install the app manually for the malware to take hold.

No matter what the case is, you must enter your administrator password to install it. If loaded, it finds fake viruses, loads pornography on your computer, and asks for your credit card number. Clearly, the fact that the user must intervene makes this no better or sophisticated than a rogue Automater script. However, there are only two things you need to do to keep your computer free of malware:

  • Don’t use your administrator password for things you don’t know what you’re being asked for.
  • Only get your software from trusted sources, either from a well-known developer (Adobe, Microsoft, AOL, Mozilla, Panic, IconFactory, etc.) or the Mac App Store.

If you follow these steps, you reduce the risk of any sort of malware hitting your Mac to an almost nonexistent level. Besides that, there really isn’t much out there, especially when compared to Windows.

This post has been filed in Articles