Friday, May 20, 2011

Your machine has been infected with viruses that only a "MacDefender" app can remove. "Only" is the key word.

First Off:

You can limit your exposure to these kinds of scams and malware. The malware targets Safari, so follow these steps to protect your Mac:

1 - Launch Safari.
2 - Select Preferences > General from the Safari menu.
3 - Uncheck the "Open 'safe' files after downloading" box found in the area I've outlined in red below:

What a MacDefender attack looks like


MacDefender can reach your Mac through any site on which a hacker has installed custom JavaScript. When you visit a web page that you believe is benign, the script redirects you to a malicious website. These sites change from day to day, so it's virtually impossible to block them.
Once your browser has been directed to the malevolent site, you'll see a page very similar to the one seen at the top of this post. It's telling you that your Mac is infected with viruses. As mentioned earlier, hackers are already changing the look of the malicious websites, so don't expect the page to look exactly like this.
Usually, just visiting the bad website downloads a file to your hard drive. That file is generally named something like BestMacAntivirus2011.mpkg.zip or anti-malware.zip, but the name may be different. Keep an eye on your Downloads folder and keep it clean, so that any new download that makes the folder "bounce" catches your attention and you may notice that the malware file has arrived. The file has an extension of .mpkg and a name of MacDefender, MacSecurity, or MacProtector. If you see this file in your Downloads folder, put it into the Trash, empty the Trash, and you've just saved your Mac from the malware.
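As an added example (not part of the original post), this shell script automates the two checks described above: whether Safari's "Open 'safe' files after downloading" option is on, and whether the Downloads folder holds anything named like the files listed in this post. The function names are hypothetical, `AutoOpenSafeDownloads` is Safari's preference key, and flagging every `.mpkg` regardless of name is an assumption added here because the names keep changing.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Report Safari's "Open 'safe' files after downloading" setting.
# AutoOpenSafeDownloads is Safari's preference key; on a non-Mac, or where
# the key is unset or unreadable, this prints "unknown".
safari_auto_open_status() {
    if command -v defaults >/dev/null 2>&1 &&
       val=$(defaults read com.apple.Safari AutoOpenSafeDownloads 2>/dev/null); then
        case "$val" in
            1) echo "enabled" ;;
            0) echo "disabled" ;;
            *) echo "unknown" ;;
        esac
    else
        echo "unknown"
    fi
}

# List top-level entries in a downloads folder whose names match the ones
# the post mentions. Matching is case-insensitive. The last two patterns
# (any .mpkg or .mpkg.zip) are an added assumption, since the names change.
# Returns 2 if the folder does not exist; prints nothing when nothing matches.
scan_downloads() {
    dir=${1:-"$HOME/Downloads"}
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    find "$dir" -mindepth 1 -maxdepth 1 \( \
        -iname '*macdefender*' -o -iname '*macsecurity*' \
        -o -iname '*macprotector*' -o -iname 'bestmacantivirus*' \
        -o -iname 'anti-malware*.zip' \
        -o -iname '*.mpkg' -o -iname '*.mpkg.zip' \) -print
}
```

Source the script in Terminal, then run `safari_auto_open_status` and `scan_downloads`. An empty result only means nothing matched these names.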
If your Mac is set up to automatically open "safe" files, you still have a chance to keep MacDefender off your machine. In this case, the file is unzipped and the installer package (a file with an .mpkg extension) launches. You're going to see a standard installer window that looks something like this:



Go Back and Delete...

