Mac Defender trojan (virus) information

It looks like reports of the "Mac Defender" trojan/virus/malware are the real deal. Several Apple discussion forums related to the Mac Defender trojan (it's not a virus) have several thousands page-views and hundreds of comments. You can find these threads by searching Google with this query:

site:discussions.apple.com mac defender

or by following this URL, which should run that same query.

It looks like the first reports of the Mac Defender trojan on the Apple discussion forums started as early as April 30, 2011, which you can see at the beginning of this thread.

Is it a virus, trojan, or phishing attack?

Technically, the Mac Defender "malware" is not a virus, as it does not spread from one computer in your home to another. However, it does appear to be an application that can be downloaded from a website and immediately start running on your Mac, so it's more than a simple "phishing" attack. People seem to be referring to it as a "trojan" more than anything else.

Mac Defender trojan information

I've read several hundred Apple discussion forum posts so far, and from what I've seen, you can only get this trojan on your system if:

  1. You use Apple's Safari web browser, and
  2. The Safari option named 'Open "safe" files after downloading' is enabled, and
  3. You visit a website that has this malware on it.

I haven't seen any reports of Firefox or Chrome users having this trojan run on their Mac computers. Sadly, the Safari "Open safe files after downloading" option seems to be enabled by default, which seems like an extremely dumb thing for Apple to have done.

There's a detailed discussion of how this works on this Apple forum web page.

Removing the Mac Defender trojan

If you just downloaded the Mac Defender trojan, and it's sitting in your Downloads folder or on your Desktop, you're in good shape. Just drag that flie to the Trash to delete it.

If the program is running, you're not in good shape. I just wrote about How to remove the Mac Defender trojan.

Protecting yourself from the Mac Defender trojan

At the moment, it looks like the easiest way to protect yourself from the Mac Defender trojan is to NOT use Safari. I've detailed this in my Preventing the Mac Defender trojan article.

Post new comment

The content of this field is kept private and will not be shown publicly.