Mac Defender Malware: A Survival Guide for OS X Users

I'm Infected. What Do I Do?

Apple has a detailed explanation on its Mac Defender support page about what you should do but here are the basics.

Before You Download

If you see the pop-up online, Apple recommends that you quit your browser immediately. If you can't shut it down normally then use the force quit option by pressing Command-Option-Escape. Then select your browser from the "Force Quit Applications" window and press the "Force Quit" button.

After You Download

If you've downloaded Mac Defender or one of its variants, but haven't installed it yet, then simply throw the download package (usually a mkpg.zip file) in the Trash. To be extra safe dump your Trash right away by clicking and holding on the Trash icon until a menu appears and then click "Empty Trash."

After You Install

If you have already downloaded Mac Defender and installed it on your system see the Apple support page under the sub-heading "Removal steps" for a step-by-step guide to removing the app. Under no circumstances should you ever provide Mac Defender or its variants with your credit card details.

Is this the End of the Age of Innocence for the Mac?

That's a hotly debated issue right now among Mac advocates and critics. There has been an uptick in malware activity for Mac recently. Not only has Mac Defender appeared, but there's also a new, high-priced software kit that lets anyone build malware for the Mac. But the truth is the bigger target for malware makers is still the Windows platform. Mac users are such a small segment of the overall global PC population that it's hard for an enterprising criminal to justify targeting such a miniscule number of users. Consider that about 80 million to 90 million PCs are shipped every three months. Apple, meanwhile, sold just over 13 million Macs in all of 2010.

That said, you should probably play it safe and expect to see more Mac-related malware in the wild. In late 2010, Panda security said it was seeing 500 new strains of Mac-specific malware every month.

Steps for the Future

If you're concerned about your computer's security, one of the best things you can do is download real antivirus software such as Sophos' free Mac antivirus program. Even if you refuse to run a security program full time, at the very least you should consider downloading an antivirus program so you can run a full disk scan every week or so.

But, just as Windows users have found out, the best way to stay safe online is to use common sense. If a pop-up window appears asking you to download software, do not agree to download it unless you were the one who initiated the download. If a program you don't recognize asks you for permission to install itself, don't do it. If you can't quit a browser window because of a misbehaving pop-up then force quit the program by clicking command-option-escape. If that doesn't work, try opening terminal and type in killall "browser name" where you substitute "browser name" (including the quotes) for your browser's full application name such as killall "Google Chrome" and not killall "Chrome."

For more tips on how to stay safe online check out PCWorld's How To Safeguard Your Security Online.

Connect with Ian Paul ( @ianpaul ) and Today@PCWorld on Twitter for the latest tech news and analysis.

Subscribe to the Security Watch Newsletter

Comments