Fake anti-virus software is an old breed of malware that’s finally found a new trick: Attacking Macs.
The malicious Mac app is called MacDefender, and according to Intego, it hides within Web pages that use search engine optimization to spam the results of popular searches. Infected Websites show a fake animation of a malware scan in Windows, followed by a pop-up telling users that their computer is infected. JavaScript on the page then automatically downloads a compressed ZIP file containing the malware.
Low Risk So Far
Fortunately, Intego describes this Mac malware as low risk and not very widespread for now. It’s also fairly easy to remove, as The Next Web points out. First, use the Activity Monitor (under Applications > Utilities) to disable anything related to MacDefender. Then, make sure there are no references to the malware app in Library/StartupItems or, in the same place, LaunchAgents and LaunchDaemons. Then, move the MacDefender app from Applications to Trash, and delete the trash. Finally, use Spotlight Search to find and delete any remaining references to the app.
For prevention, Intego recommends its own anti-virus software (of course), but all you really need is common sense. Uncheck the “open ‘safe’ files after downloading” option in Safari and never, ever install anti-virus software that pops up on some random website, no matter how many viruses it says your computer has.
Follow Jared on Facebook and Twitter for even more tech news and commentary.