
Paradise Lost: Mac Users Targeted with New Malware


This post originally appeared on TechSoup's blog and was written by Kevin Lo, Lead Technology Analyst at TechSoup.

Mac with skull and crossbones by Flickr user Eduardo O.

Last week, for the first time ever, I stepped into an Apple store and sought help from its Genius Bar for a hardware issue with a MacBook Pro (it was a known issue that affected models of a certain age with a particular graphics chip). Last week was also the first time Apple acknowledged the existence of a Mac-specific virus and promised to address it in a system update. This new virus, deceptively named "Mac Defender," tricks users into thinking that they are infected with viruses and prompts them to enter credit card information to have the supposed infection cleaned. It is an elaborate form of phishing that is spread not just through spam and pop-up windows, but as fully formed, application-like malware.

Over two years ago, the New York Times reported on this trend of scareware, and it didn't take long for it to spread to other systems. The arguments that a) there are too few Mac users for virus writers to target the system and b) Mac OS is based on Unix and is therefore more secure were disproved in one fell swoop.

Since malware and security threats are increasingly perpetrated by criminal gangs and driven by profit, it is not surprising that they will target whichever population may bring the highest reward. If anything, the perceived affluence of Apple users and a false sense of security among them may make them even riper targets for phishing. Apple suggests the following to prevent the installation of this malware:

If any notifications about viruses or security software appear, quit Safari or any other browser that you are using. If a normal attempt at quitting the browser doesn’t work, then Force Quit the browser.

In some cases, your browser may automatically download and launch the installer for this malicious software. If this happens, cancel the installation process; do not enter your administrator password. Delete the installer immediately using the steps below.

  1. Go into the Downloads folder or your preferred download location.
  2. Drag the installer to the Trash. 
  3. Empty the Trash.

Unfortunately, it has been reported that a newer version of the malware that doesn't require credentials is already in the wild. As always, be vigilant when using the Internet and use caution when unexpected messages or windows arise. For tools to protect your Mac systems, donations of Bitdefender Antivirus for Mac are also available via TechSoup Canada for eligible organizations.
