Canadian TV, Computing and Home Theatre Forums banner

1 - 6 of 6 Posts

·
Member #1
Joined
·
47,683 Posts
Discussion Starter #1
Apple continues to maintain a public silence on the current outbreak of Mac malware, which may have affected more than 60,000 Mac owners. Meanwhile, a leaked document from an Apple call center confirms that the company continues to refuse any help to affected customers.
Story here

The Apple Document instructing support reps on what to do.
 

·
Member #1
Joined
·
47,683 Posts
Discussion Starter #2
If you have arrived on this thread because you have a Mac Defender malware problem then here is step by step instructions on how to remove it from securemac.
 

·
Registered
Joined
·
3,022 Posts
Here's the official link

Summary
A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus. The user is then offered Mac Defender "anti-virus" software to solve the issue.

This “anti-virus” software is malware (i.e. malicious software).* Its ultimate goal is to get the user's credit card information which may be used for fraudulent purposes.

The most common names for this malware are MacDefender, MacProtector and MacSecurity.*

In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants.* The update will also help protect users by providing an explicit warning if they download this malware.*

In the meantime, the Resolution section below provides step-by-step instructions on how to avoid or manually remove this malware.
 

·
Registered
Joined
·
3,022 Posts
Unlike the previous variants of this fake antivirus,no administrator’s password is required to install this program. Since any user with an administrator’s account – the default if there is just one user on a Mac – can install software in the Applications folder, a password is not needed. This package installs an application – the downloader – named avRunner, which then launches automatically. At the same time, the installation package deletes itself from the user’s Mac, so no traces of the original installer are left behind.
I'm willing to bet that many users are running as admin (poor practice with any Unix OS) and Apple does ittle to educate/discourage this practice. This could be a bad one for Apple.
 
1 - 6 of 6 Posts
Top