Security research and software maker Intego issued a warning on Wednesday that a variant on the MACDefender trojan application for Mac OS X is out, and this one doesn’t require user passwords before installing. Like the original MACDefender malware, the new version poses as an antivirus application and attempts to trick victims into giving up their credit card information.
MACDefender, now with variants
The new variant, dubbed MacGuard, can auto-download and launch its own installer when visiting Web sites designed to push the application to you Mac. Apple’s Safari Web browser will automatically run applications downloaded from the Internet by default, so users should disable the “Open ‘safe’ files after downloading” option.
To disable Safari’s auto-open downloads option, do this:
- Launch Safari
- Select Sa
fari > Preferences > Generalfrom the menu bar - Uncheck
Open “safe” files after downloading
Apple also advises users to quit, or force quit, their Web browser if a Web site is designed to trick you into thinking it is a Mac OS X window. To force quit an application, press Command-Option-Esc, select your Web browser from the Force Quit Applications dialog, then click Force Quit.
The Mac OS X Force Quit dialog
Apple released a Knowledge Base article earlier this week detailing how to remove the malware application, along with a promise that a system update designed to protect users will be coming soon.