Professional Services from Professional Techs

MacDefender, MacProtector, MacSecurity "Is This the Begining of Malware on the Mac"

I have always recommended Mac to the Home User because I considered the Mac to be "Basically Invulnerable to the Internet."

Now that MacDefender has been seen in the wild, and is making a pest of itself, I wonder if I have to change my opinion.

Several times in the last few days, I have forced my Macbook Pro to allow the attack to take place to observe it's behavior during the infection. 

As I suspected, the User has to actively participate in the installation of the program. the User is not prompted for the root password during installation, but the program still requires that an installation script run to place the files in the Applications folder. The program is then configured to Start on Bootup.

An experienced Mac User would not let any of this happen. The program would be denied installation by the User and the Downloaded program would be deleted.

However, the nature of the trickery that fools the User into installing MacDefender is very compelling. The initial trick is that a Popup opens outside of the Safari Browser and looks very much like the Finder Window on your Mac. Then "Alerts" start to populate the Desktop indicating the your Mac is infected with all kinds of strange things. 

As I said, it is all very compelling, and even an experienced User could be convinced to install MacDefender.

Malware attacks on a Windows platform are quite a different story. For the most part, the attack program is downloaded and installed without any input from the User and suddenly, the computer is unusable because of the Malware. 

The basic question is "Will the Mac OS ever become as vulnerable to malicious attack as the Windows OS."

I still maintain that the answer to that is NO. (For the for-seeable future)

An excellent tutorial on MacDefender and Removal instructions can be found at

 

http://www.bleepingcomputer.com/virus-removal/remove-mac-defender