Actually, it’s a Trojan, not a worm, but a Trojan in an apple doesn’t have the same ick factor. Or, maybe it does. Anywaaay, scores of Mac computers have been infected by a Trojan called Mac Defender, which masquerades as an antivirus program. It enters computers through code embedded in some image search results. A popup screen then warns that the computer is infected and urges users to purchase and install Mac Defender (or another known variant, Mac Guard). Once installed, the malicious program hijacks the browser, takes users to adult sites, and funnels off the personal information it accesses, exposing the user to identity theft.
Because Mac Defender requires a user to actively install the program, the simplest way to avoid getting infected is not to hit the OK button. Any popup message should generally raise a flag. It should be a bright red flag in a violent wind when the popup asks you to enter credit card information. At this point you want to close the popup without accidentally initiating the install. Since popups can be rigged to install if you hit a normal Close button, the best way to end the popup message without initiating an install is to force quit the program.
If you’ve inadvertently already installed Mac Defender or one of its variants, you can end the process through the Mac’s Activity Monitor in the Utilities folder. Detailed instructions for removing Mac Defender have been provided by Apple.
Apple has since rolled out Security Update 2011-003, which adds Mac Defender to its malware list. So Mac users who haven’t yet been hit with a Mac Defender popup may well want to run a software update to stay current with the latest security updates, a good practice regardless. This latest security update also comes with a malware detection and removal tool, which automates the removal process for users unfamiliar with their Mac Utilities.
Verifying the Source
All the links on this post go to Apple’s support pages. Anytime a user can’t readily identify the source of any link or popup, the best practice is to avoid clicking or tapping on the content. Really, the main risk to Mac users is the general fact that Macs have been historically less susceptible to malware, making users less wary of accessing mystery content. Even so, removing malware from a Mac, at least in the case of Mac Defender, is a lot less time-consuming than cleaning up an infected PC.