MacDefender Malware Threat Attacks OS X
If an OS X user’s Safari preferences are set to ‘Open “safe” files after downloading’ the infection is immediately opened, launched and installed without user intervention. The only sign of infection with be when the Malware asks for a credit card number to sign up for their bogus “virus protection”.
End users running in “Administrator” mode and with their browser preferences set to ‘Open “safe” files…’ are the most at risk.
It has been reported the the infection is also showing up directly in Google image searches.
The following steps are recommended for those infected by the MacDefender Malware.
- Open Applications > Utilities > Activity Monitor and quit any MacDefender processes.
- Delete MacDefender from the Applications folder
- Check System Preferences > Accounts > Login Items for bogus entries and remove them if found.
- Perform a Spotlight search for “MacDefender” and delete any remaining files.
- In Safari > Preferences > General – make sure ‘Open “safe” files…’ is unchecked.
- Do the same for any other browsers you may be running.