A new piece of malware called MACDefender is currently targeting users of Mac OS X, says security firm Intego. The exploit begins with a person clicking on a link to a malicious site with special embedded JavaScript code. The code triggers a ZIP file download; if a browser like Safari is set to open downloaded files automatically, people are then presented with an installer interface.
Mitigating the seriousness of the threat is that the malware requires people to accept installation and provide an administrator password. It is also possible to disable automatic launch of downloaded files, assuming the option has been turned on in a browser in the first place. Apple support forum posters observe that it’s possible to scrub the malware by killing processes in Activity Monitor and then dragging MACDefender from the Applications folder to the Trash.
Sadly, the software coincidentally shares a name with a small company responsible for two apps, GCStatistic and DTmatrix. The outfit denies any association with the malware and have a good rebutation in the Mac community.
