Jump to content
tomad

Mac Defender Scam??

Recommended Posts

Today This so called antivirus SW came into my wife's Mac. What is the best way to remove it?

I think I got rid of it going to activity monitor, killing the process then, trashing the Application. But wondering if it somehow still exists or I should do more.

Edited by tomad

Share this post


Link to post
Share on other sites

Things don't 'come into computers', especially Macs. It requires an affirmative install.

 

I t might actually be AV software but if it gets there by tricking someone into installing it (like running a fake scan while on a website), it's probably not real.

 

Use Spotlight to search for it and remove it. Actually, before using Spotlight, see if it puts itself in the login items, so you should delete it's Alias from there first.

Share this post


Link to post
Share on other sites

Lots of poeople on the Apple Support Communities seem to have gotten bit with this scam. Apparently, a pop-up occurs when browsing for images that says your system is infected and "download this software now". Problem is that clicking on the close button initiates the download. I'll bet that almost, if not, all the people who got bit by this had Safari set to "automatically open safe files after download" and were also running as Admin. I encountered this Sat morning but my settings did not allow the file to install without a prompt to enter my admin password. Fortunately, this app seems to only install into the current user acct and does nothing more than try to scam you into paying them and use up system resources as it runs in the background.

 

This is why, IMHO, it is so important to always run as a standard user .... nothing can install without your Admin Username and password in such a case. In any event, I think it's safe to say that Security through Obscurity, just met its end.

Share this post


Link to post
Share on other sites

Things don't 'come into computers', especially Macs. It requires an affirmative install.

 

I t might actually be AV software but if it gets there by tricking someone into installing it (like running a fake scan while on a website), it's probably not real.

 

Use Spotlight to search for it and remove it. Actually, before using Spotlight, see if it puts itself in the login items, so you should delete it's Alias from there first.

Share this post


Link to post
Share on other sites

Lots of poeople on the Apple Support Communities seem to have gotten bit with this scam. Apparently, a pop-up occurs when browsing for images that says your system is infected and "download this software now". Problem is that clicking on the close button initiates the download. I'll bet that almost, if not, all the people who got bit by this had Safari set to "automatically open safe files after download" and were also running as Admin. I encountered this Sat morning but my settings did not allow the file to install without a prompt to enter my admin password. Fortunately, this app seems to only install into the current user acct and does nothing more than try to scam you into paying them and use up system resources as it runs in the background.

 

 

 

Woah, sounds nasty. Luckily it doesn't sound that bad if it does get on your system, but that doesn't mean there could be more trojans like this for the Mac that are a lot worse. I did hear that there are/were a number of malicious programs and trojans on sites that have been specifically targeting people searching for Bin Laden images, and taking advantage of Google search algorithms so they can get to the top few links. It's a dangerous world out there!

Edited by R94N

Share this post


Link to post
Share on other sites

Here's a pretty good article in MacFixit - Mac Malware

 

The key is that one has to let the application install itself (or, get fooled into actually wanting it installed). Even if like Dolphbucs and many other Mac users (me included) one password protects installs, there still has to be an affirmative action to let the installer run.

 

Its clearly aimed at uninformed users. IMHO it's aimed at switchers who assume AV software is an actually need, rather than a preference to have or not. I don't.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing

    No registered users viewing this page.

  • Who's Online (See full list)

    There are no registered users currently online

×