May 20, 2011
Recently, a rogue anti-malware trojan is currently spreading on Mac systems. It has varrying names and it includes “MacDefender”, “MacProtector”, “Mac Security”, “Apple Security” and “Apple Security Center”. This malware was a history as the first fake anti-virus scam ware for MacOSX. So how do you remove it? :sleepy:
The Sourcefire Vulnerability Research Team(VRT) has a great blog on MacDefender that contains the instructions which I will be re-posting here.
1. In Safari under “Preferences”, at the bottom of the “General” tab (the first tab), uncheck “Open safe files”. This will prevent Safari from starting threats like MacDefender automatically after downloading them.
2. Open up “Activity Monitor” (this is in your Utilities folder within Applications)
3. Find “MacDefender” (or whatever the malware is being called, MacProtector, Mac Security, etc)
4. Highlight it then click “Quit Process” which looks like a big red stop sign at the top right of the Activity Monitor screen.
5. Next, open System Preferences, and go to “Accounts”. When it appears click on the “Login Items” button, select the program, and then click the “minus” button to remove it from Login Items.
6. Next, navigate to your Applications folder, find the program, drag it to the trashcan, and then empty the trashcan. Yes. It’s really that simple to remove.
With this introduction of scareware on Mac OSX, the ‘feeling’ of being ‘secured’ when using a Mac shatters. It will be soon that viruses that spread on Windows machines will also attack Mac desktops and laptops.