P.T. Barnum is widely quoted as having said "there's a sucker born every minute." Some victims of the MAC Defender malware, unfortunately, are apparently proving the adage true.
While many media outlets scramble to announce one of the first fake antivirus efforts targeting Macs, the potential for misinformation exists. Some news sites are reporting that the MAC Defender has been "discovered in the wild" and the attack is turning into a "scourge."
Innocent users are certainly being affected, but Macs have never been immune from viruses, just better protected. Does the latest MAC Defender announcement mean the days of Mac security superiority are over? Hardly. Never let the facts get in the way of a good story, right?
The fake antivirus application can only infect a Mac if the user clicks on a poisoned SEO link with Mac spelled wrong (MAC vs. Mac), falls for a fake infection window, has Safari set to open "safe" files after downloading (the setting is in the Safari Preferences General section and is typically checked by default), walks through the malware program's installation routine, and enters the system administrator password to enable the installation. Users essentially must install this infection intentionally. I think educated Mac users will reason that it's a little different than having thousands of self-replicating viruses in the wild.
The MAC Defender infection reportedly doesn't do much more than load a handful of adult-oriented Web sites and generate a few reminder alerts. Identity theft doesn't look to be a threat unless victims take the additional step of supplying their credit card information within the malware program as an act of registration. The security firm Intego classifies MAC Defender as a low risk.
That said, the hoopla surrounding the MAC Defender infection isn't totally unfounded. It's a sign that, as Mac market share increases, the platform will increasingly prove attractive to hackers. Mac users need to keep that in mind and remember that just because Mac OS X typically proves more secure than Windows, it's not foolproof. In the case of MAC Defender, removal is fairly straightforward. CNET lists the steps for removing MAC Defender.
Business Mac users aren't likely to fall for MAC Defender. Regardless, the episode should serve as a reminder that even Mac users require constant education about Web-based security threats. Just as Windows users should avoid haphazardly clicking on links and loading software from unknown sources, so too should Mac users.
Erik Eckel owns and operates two technology companies. As a managing partner with Louisville Geek, he works daily as an IT consultant to assist small businesses in overcoming technology challenges and maximizing IT investments. He is also president of Eckel Media Corp., a communications company specializing in public relations and technical authoring projects.