The following information regarding the insidious Malware software was posted on Eastman’s Online Genealogy Blog today as follows:
“Mac users have always felt smug that their systems were immune from viruses, trojan horses and other malware (malevolent software). Those were always problems for Windows users, not for anyone else. Unfortunately, the world has now become a bit more complex. I encountered a Mac infected file this morning.
Luckily, it is easy for Mac users to avoid the problem or, if already infected, to remove it within seconds.
The piece of malware that’s currently making the rounds is called Mac Defender (there are other variants called Mac Protector and Mac Security). It’s not particularly sophisticated. Infections occur because of the following sequence of events:
A user does a Google image search.
- Among the listings are poisoned listings.
- Clicking on these listings will take the Mac user to a web page that looks a lot like the Mac OS X Finder (the website uses browser and OS detect scripts to deliver different views and malware for different operating systems).
- The fake Finder displays a ‘Scanning for viruses’ message followed by the inevitable ‘Your computer is at risk!’ message and offers a ‘Fix your problem’ link.
- Clicking on the link takes the user to the page where the user can download the Trojan.
- The users clicks and installs the Trojan
- Trojan nags users for money to remove malware.
This scheme will be familiar to most Windows users as the Windows version of that Trojan has been around for two or three years. The only thing new is the Mac variant.
Luckily, it is easy to avoid this new problem: don’t download it! That is what I did this morning when I encountered the infected file online: I left without downloading anything. The so-called Mac Defender program will not do anything to your Mac until you click on the download icon. If you don’t click, you don’t get infected.
Here’s my advice to all Mac and Windows users: If you ever see an unexpected message pop up on your screen that asks you to download a file to “fix a problem” that you didn’t know you had, DON’T DO IT! Immediately leave the site without downloading any file. If you have doubts as to whether you are infected or not, obtain a good anti-virus program from a well-known and respected anti-virus company and test with that. You can find a number of high-quality FREE anti-virus programs available for Windows and at least one for Macintosh systems. Don’t trust questionable programs from companies you never heard of.
Sophos offers a great FREE anti-virus program for Macs. You can read about it in my earlier article at http://goo.gl/NljDg. I installed Sophos on my Mac desktop and laptop systems several months ago.
If it is too late and your Mac is already infected, don’t dispair. It is easy to remove this one. You can find a simple guide for removing Mac Defender at http://goo.gl/LlCkW.
Linux and UNIX users still have no known virus problems.”