September 25, 2016

Apple Release OS X Update in Fight Against MacDefender Malware

The MacDefender malware has been playing havoc with unwitting Mac users for the last month or so and last week Apple acknowledged its existence and promised a security update to OS X. The good news is that Apple have now shipped the promised update and MacDefender removal tool.

Security Update 2011-003 does three very specific things:

  1. The OSX.MacDefender.A definition has been added to the malware check within File Quarantine. Information on File Quarantine is available in this Knowledge Base article: http://support.apple.com/kb/HT3662
  2. The system will check daily for updates to the File Quarantine malware definition list. An opt-out capability is provided via the “Automatically update safe downloads list” checkbox in Security Preferences. Additional information is available in this Knowledge Base article: http://support.apple.com/kb/HT4651
  3. The installation process for this update will search for and remove known variants of the MacDefender malware. If a known variant was detected and removed, the user will be notified via an alert after the update is installed. Additional information is available in this Knowledge Base article: http://support.apple.com/kb/HT4651

Mac users were getting infected by MacDefender when they were redirected from legitimate websites to fake websites which told them that their Mac was infected with a virus. The user is then offered the MacDefender “anti-virus” software to solve the issue. Of course, this “anti-virus” software is in fact malware trying to get credit card information. The most common names for this malware are MacDefender, MacProtector and MacSecurity.