Savvy Duck Alerts: Mac Defender
The Macontosh OSX operating system has a well-deserved solid history for information security and resistance to viruses and spyware. However it is inevitable that when you plug five holes, somebody is going to find the sixth. This is where Mac Defender comes in (also known as Mac Guard, Mac Protector, Mac Security, Mac Shield, and others). This malicious piece of software has exposed many Macintosh owners to their first virus-like experience, and it spread alarmingly rapidly.
| 
Mac Defender Logo |
Method of Attack
One of the Scary Warning Screens
The unscrupulous creators of Mac Defender created a very legitimate-looking website to spread their software. They used search engine optomization techniques to push this website to the top of Google and other search engines for several key search terms related to Macintosh security software. People curious about protecting their Macs would stumble across this website and download Mac Defender, which was advertized to be a free antivirus program. This is the key aspect to Mac Defender. It doesn't spread with virus-like activity; people have to willingly download and install it. This is how it gets around the strong security in place in OSX.
Effects
The false infection pop-ups
Once installed, Mac Defender begins simulating virus-like activity strikingly similar to the effects of a lot of Windows spyware: it opens frequent web browser windows containing advertising and other content not suitable for mention on a family-friendly website. It then puts flashy and scary-looking alerts all over the screen complaining that the computer has various critical viruses, painting a frightening doomsday scenario for the mac's owner. But occasionally, one of those alerts will complain that the viruses cannot be cleaned because the Mac Defender software is unregistered. When someone clicks one of those or opens Mac Defender, it will say that it requires a payment to register the software, and it asks for credit card information. There's the real purpose of Mac Defender: to steal your credit card information. If someone actually does enter their credit card information, it complains that the credit card was rejected and asks for another. Then another. Crafty, isn't it?
Prevention
The misleading registration pop-up
Fortunately for those worried about Mac Defender, prevention is easy. The software requires you to willingly download and install it for it to take effect, so don't. If you're browsing the web and see any of the windows or logos shown on this page, run very far away. That's it. OSX doesn't usually require a lot of extra security, but if you're worried and want to take extra preventative steps, I recommend purchasing a well-known and reputable piece of security software, such as
McAfee VirusScan for Mac.
What if I've been infected?
If you have been infected by Mac Defender and live in the Eugene/Springfield area, you're in luck. I have encountered and successfully removed this software before and would be willing to do the same for you, in-person, through my
computer repair service. I can usually remove this infection in under a half-hour. If you are outside of the area, I recommend searching for a virus removal service closer to you or contacting
Apple Support.
