Apple acknowledges ‘Mac Defender’ malware problem, posts removal instructions

Mac users have recently been targeted by a phishing scam that falsely claimed their computers were infected with a virus. Upon being redirected to an illegitimate website, users were instructed to install “Mac Defender,” which was malware masquerading as an antivirus application. Until recently, Apple had reportedly instructed its AppleCare support reps to deny any existence of the problem and said reps should “not remove or uninstall any malware” found on a computer. On Tuesday, however, Apple finally acknowledged the issue and posted instructions on its support forums that cover how to avoid and remove the Mac Defender malware. Apple’s instructions are below.

Removal steps

  • Move or close the Scan Window
  • Go to the Utilities folder in the Applications folder and launch Activity Monitor
  • Choose All Processes from the pop up menu in the upper right corner of the window
  • Under the Process Name column, look for the name of the app and click to select it; common app names include: MacDefender, MacSecurity or MacProtector
  • Click the Quit Process button in the upper left corner of the window and select Quit
  • Quit Activity Monitor application
  • Open the Applications folder
  • Locate the app, e.g. MacDefender, MacSecurity, MacProtector or other name
  • Drag to Trash, and empty Trash
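
A command-line counterpart to the "look for the name" steps above, as an added example that is not part of Apple's instructions: it only reports running processes and Applications-folder bundles whose names match the three listed in the steps, and removes nothing. The function names and the `--scan` argument are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example (not Apple's procedure): read-only check for the app names
# listed in the removal steps. The steps warn the app may use another name,
# so an empty result does not prove the machine is clean.
ROGUE_NAMES="MacDefender MacSecurity MacProtector"

# Read "PID COMMAND" lines on stdin; print those whose executable name
# (last path component) exactly matches a listed name.
match_processes() {
    while read -r pid cmd || [ -n "$pid" ]; do
        base=${cmd##*/}
        for name in $ROGUE_NAMES; do
            if [ "$base" = "$name" ]; then printf '%s %s\n' "$pid" "$cmd"; fi
        done
    done
    return 0
}

# Print .app bundles in directory $1 whose name matches a listed name.
match_apps() {
    for bundle in "$1"/*.app; do
        [ -e "$bundle" ] || continue      # glob matched nothing
        base=${bundle##*/}
        base=${base%.app}
        for name in $ROGUE_NAMES; do
            if [ "$base" = "$name" ]; then printf '%s\n' "$bundle"; fi
        done
    done
    return 0
}

# Live check: all processes (as in Activity Monitor's "All Processes" view)
# plus the Applications folder. Nothing is killed or deleted.
scan_system() {
    ps -axo pid=,comm= | match_processes
    match_apps /Applications
}

if [ "${1:-}" = "--scan" ]; then scan_system; fi
```

Run it with `--scan` to check the live system; any PID or bundle path it prints is what the Quit Process and Drag to Trash steps then act on.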

[Via The Register]

52 Comments
  • Robert Ree

    Why isn’t BGR slamming Apple for telling their reps not to help the users like they were slamming RIM just days ago?

    • Billy

      Go to BGR’s twitter and look at the pictures.. even his apartment looks like an Apple store.

  • Anonymous

    And I distinctly remember some people saying that Macs are impervious to infections.

    • Anonymous

      This isn’t an infection. It’s someone being conned into installing software and then being tricked into giving up their credit card number. You can also just delete the program.

      Viruses are what plagued Windows computers in the 90s and early 2000s.

      • Anonymous

        I’m aware that this particular problem isn’t a virus per se, but adware, malware, spyware, etc. all fall under the same general category of crap that you don’t want on your computer. Whether it’s a mac or a windows based machine is irrelevant. My point is that they are both susceptible to these problems.

  • Anonymous

    Nah. Macs don’t get viruses. Haven’t you heard?

    • Michael

      This ain’t no ordinary PC virus. You actually have to download the “virus” yourself, be willing to install it, and actually type in your password, to make it “infect” you. Besides, it’s the easiest removal ever

      • Anonymous

        So it’s still a Virus right ..

        it’s funny how fan boi’s don’t want to come out of their dream.

      • Anonymous

        No, a virus is something that spreads on its own. This is malware that works with social engineering to trick you into thinking it’s legit so you approve installing it.

      • metsfan

        It’s malware. Not a virus.

      • Anonymous

        Malware is a term that encompasses all malicious programs, be they a virus, trojan, spyware, adware, scareware, whatever.  Playing around with the naming of this doesn’t negate the fact that the software is malicious in nature, and is a typical social engineering attack on susceptible users.  These days, most malware is propagated in this manner and willingly installed on their machines.  Whether it is Windows or OS X, it really doesn’t matter.

        Convincing users that they don’t need to be protected is a problem.

      • Anonymous

        Good explanation.  Just what I was thinking, but did not have the right words to describe it.

      • http://pulse.yahoo.com/_PPTWQFTJZ4BB3666VRG64OL3XA Kent

        Not any more. Although I own a Mac myself, I have to say that this amuses the hell out of me, and I hope all you Apple fanboys get infected, lose all your data and have your identities stolen. Serves you right for being so obnoxiously worshipful at the altar of Jobs.

  • Bringit

    In related news, 100% of the mac users who have been silly enough to fall for this scam, also have Android phones.

    • Anonymous

      not funny

    • http://twitter.com/JAviles07 Jose Aviles

      Lol, I got the Evo and I didn’t fall for it

    • Afdjhklues

      In related news, 100% of the mac users who have been silly enough to fall for this scam, also have iPhones.
      you’re welcome for the correction

      • Bringit

        Jose Aviles and 5 more people (and counting) like my comment.  Only you like yours.  My post was correct, and I WIN.

      • JJose

        Looks like you spoke too early. Go home and get your folks to like your comment so that you can come back later and claim victory

    • Steve Hillshire

      You are a true apphole.  Period.

      • Bringit

        ….better to be an apphole than to get your period over your Androidanus.  Period.

  • Anonymous

    This is different.  This is a social engineering attack which attempts to trick users into willingly downloading a software program, which will then ask you for ADMINISTRATIVE privileges, and only then will install itself.  Any OS on the planet (including Linux) is vulnerable to this kind of attack, because ultimately the user is certifying to the OS that the application is safe to run.

    The fact that this has spread enough to make any news at all is a testament to the power of social engineering, or essentially the power of using psychology to manipulate users into something that’s not in his or her best interests.

    This has nothing at all to do with the security of the Mac OS itself.

    • Bringit

      Exactly.  An easy concept for most people to understand.  Android people clearly need a refresher course on how this works.

      • http://twitter.com/atlharry Harold Min

        Are you 8 yrs old?  really?  don’t you get tired of this?  get. a. life.

        This goes for GooFan and Norm as well.

      • Bringit

        Hi Harold,

        No, I am not 8. years. old.

        Your Pal,

        Bringit

      • http://www.droiddoes.com/ Norm

        Hey mate. Blow me. If you don’t like my opinion in an open forum to discuss things and give opinions maybe you should go to a Mosque or something. F-tard.

      • Bringit

        Norm and I rarely see eye to eye (I happen to be taller), but on this I am Norm-united.  The Mosque is a good suggestion, or Utah.

      • http://twitter.com/atlharry Harold Min

        Wow.  The mosque comments really show just how ignorant you two are.

      • JJose

        And you will teach them? First sync your lessons from iTunes and then come here to teach…

    • Anonymous

      You’re right, you would have to make some serious errors in judgement to install this, the problem is Apple markets the fact that you won’t get Malware and Virus, so users feel they can do anything they want on a Mac and still be fine, which obviously isn’t true.   Blaming this on stupid users is kind of ridiculous considering Apple basically tells its users to be careless.

      • Anonymous

        Macs still don’t get viruses, which is what Apple advertised. They haven’t advertised that in a long time.

        This is more akin to a phishing attack. Your Mac also doesn’t protect you when you get an email claiming to be US Bank asking for your login information. 

      • Maren

        But you have to install it first, isn’t that the difference? I also got that Scam ‘offer’ to ‘protect’ my Mac but thought: “Why do I need this? Apple doesn’t get viruses!” So I did not install. Conclusion: only those people who don’t believe Apple’s claim have installed this software.

        Maren

    • Tyler

      Ahem…
      So when all the Windows users were getting hit by the Facebook Viruses as it has been widely known as that actually was not a virus just a program installed right?

      It misled them to a fake adobe site where they assumed they were downloading a flash plugin hence installing the malicious file…… but according to you that isn’t anything but a program.

      If a file is disguised to the User as a legitimate file wouldn’t it be the Operating System’s job to ensure the integrity of the file?

      Almost all the malicious files on a PC are downloaded or run in some manner by the end user.

      Just about every malicious file out there is an engineered attack in some manner.

      This totally has to do with the Security of Mac OS, any denial of that is being sheepish.

      Let me guess you believe Android users also made up the iPhone 4 antenna issue and it never actually existed right?

      Stop trying to defend your Apple product and man up to the truth. Apple finally has.

  • Davis

    To people thinking OS X can’t get viruses: of course they can. Anyone can write apps. They’re just not nearly as common. Also, when’s the last time a major windows virus removal was as easy as stopping the process and deleting the EXE?

    • Anonymous

      Who says removing the “virus” is as easy as removing the EXE command? Apple is not talking about removing a virus.  They’re talking about removing the malware program that makes the computer vulnerable.  Fwiw, these can be eliminated just as easily in Windows. 

      • Anonymous

        You’re kidding me right? They embed themselves in the registry, run multiple processes with random names that change on every boot, load themselves in as kernel-level drivers, etc.

        Drag to the trash? If only it were that easy in 2011!

      • Steve Hillshire

        Yeah, have to agree with steven.  There is normally *nothing* easy about removing malware from a PC.  Microsoft made it nice and easy for malware writers to litter their shit everywhere, requiring working knowledge of the registry to remove half of it.  AV can’t do crap about half of it either because if a file is running and in use, Windows protects it from deletion.  It’s a lose-lose for any PC user who is stupid enough these days to open enticing stuff they shouldn’t be.

  • GeoKaplan

    And thus, out come the Beta Dogs…

    This isn’t a virus, it’s a phishing attack, which preys upon those who don’t understand how to keep their computer secure, since it is successful only when the owner provides the system password and allows the malware access to the system.

    As to “denying” the problem, there are specific legal reasons why a company would decline to assist in removing malware which is the result of user negligence. Sad to say, but it is a litigious world in which we live, and it is easy to understand corporations declining to assist in a situation which is not of their doing.

    That being said, the Beta Dogs can go back to their howling. Carry on.

  • Anonymous

    NO ONE can get into Google systems.  NO ONE!  Because no one is as smart as we in the Google ecosystem are!

  • Anonymous

    like another commenter said, until apple has a definitive solution, they legally aren’t able to officially “help” customers

  • Anonymous

    A problem was discovered. A solution wasn’t initially presented. A solution has now been presented. Kudos to Apple for doing so in a timely fashion.

    I still feel that there are overarching concerns with the “security through obscurity” that Apple is using right now to claim increased security but, frankly, it works. People aren’t really going after it with the same vigor that they go after Windows machines, so there isn’t going to be as much phishing, malware, viruses, etc. as there are for Windows.

    I don’t see where it’s much more complicated than that… unless you’re a blind hater or a troll.

  • Anonymous

    I blame MS for not actively pursuing a copyright infringement since they have Windows Defender. 

  • http://twitter.com/_fredLjones Fredrick Jones

    I’m a Mac user but f*ck Apple for denying the problem in the first place. Stellar business ethic.

  • Anonymous

    Walled garden seems to be having some weed problems.

    • Anonymous

      Macs aren’t walled gardens. iOS is.

  • http://twitter.com/JAviles07 Jose Aviles

    That has popped up on my Mac a few times randomly; thankfully I never installed it.

  • Droidman101

    Oh…so you mean those commercials lie?
    OH MY GOD, STEVE JOBS LIES!?!?!

  • Phed_Up

    Ok, all BS aside…

    …When, when, tell me WHEN is CrApple going to get called on the carpet for their deny, deny, deny, ….admit tactics?  It doesn’t matter how trivial, or severe the issue is, what matters is this jackwad company has a HUGE problem with reality, and constantly (seriously, when was the last time they admitted ANY defect/failure/issue with ANY of their products?) gets their lunch handed to them by having to admit that there actually is an issue?

    I am not saying that the problems that get proven are actually worth getting torked up over, but if ANY company on the planet pulled this deny, deny, deny, crap and then had to admit that there was a problem….they would be CRUCIFIED!

    Stop giving these jackwads special treatment people, love them or hate them you should still expect some measure of integrity out of them!  Telling their support people to deny this malware exists, and refuse to help?  That is just wrong.

    Come out of the RDF, take a deep breath of something that doesn’t include CrApple crack smoke, and start making this company pay for their mistakes just like every other tech company does!

    This company is just as bad as that moron preacher saying the world is going to end, oops it isn’t until (insert new date)…., the world is going to end, oops it isn’t until (insert new date)…., the world is going to end, oops it isn’t until (insert new date)…., and the CrApple faithful do just exactly what this idiot’s followers do…keep on worshiping!

    egad, I am SO PHED_UP with the mindless drivel!

    • Anonymous

      This has all happened in the matter of a few days. Any large corporation is forced to consult its legal department and carefully plan out any “admissions”. They also need time to review and address the problem. 

      You’re faulting them for taking a few extra days to sort the problem out before making a statement?

  • Anonymous

    This is just the beginning :D

  • Spokentruth

    I hope they keep making viruses to teach these delusional mac users a lesson. 
