Safari Users Targeted By New ‘MACDefender’ Malware Software on Mac OS X

By

MACDefender-installer.png

A new malware threat called ‘MACDefender’ is targeting Mac OS X users browsing the web using Apple’s Safari browser. The software automatically downloads a file through JavaScript, but users must first agree to install the software, making the potential threat a low risk to careful users.

The malicious software was highlighted on Monday by Intego – the company behind the VirusBarrier X6 antivirus software for Mac – after Apple Support Community users started reporting the threat. Intego say the software prompts users to download a compressed ZIP archive after clicking on a dodgy link in their search engines. The file is then decompressed and begins installing MACDefender on the system.

Users still have to go through the installation process, however, and enter the administrator’s password to complete the installation. Because these steps are necessary, this malware shouldn’t be a threat to careful users who only install software they have knowingly downloaded and trust to be safe, and therefore this threat is very low risk.

Users can prevent the ZIP file from opening altogether by disabling a feature in Safari that automatically opens ‘safe’ files after downloading. To turn this feature off, go into Safari’s preferences and click on the ‘General’ tab. You’ll find a check box at the bottom of the page – remove the tick from the box and exit preferences. Downloads will no longer open automatically.

Screen shot 2011 05 03 at 11 11 15

It pretty much goes without saying that you should never trust a file that automatically begins downloading when you click on a link within a search engine.

[via AppleInsider]

Newsletters

Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.