Mac Guard: Apple users hit by second Mac malware scam
Mac users, accustomed to computer security through obscurity, have weathered a pair of malware attacks. This time, it's Mac Guard.
Earlier this month, Mac users began noticing advertisements for a product called Mac Defender, which promised to keep out a range of nasty malware and computer viruses. The problem: Mac Defender was a piece of malware itself. Once downloaded, the program wreaked all sorts of havoc on your machine, and in some cases, apparently flooded your screen with pop-up pornography sites.
Now comes word that Mac Defender –– which required users to actually click through a few sites and enter a password before the malware latched onto the hard drive –– has spawned the variant bug Mac Guard, which requires users to enter no password at all. Instead, the malware downloads more or less automatically, after a user has logged on to one or another fake sites. More information here.
This is terrible news for the legions of Mac users worldwide, who are very used to bragging that their machines never get viruses. ("Oh, you have a Windows machine? That's so sad. You must get SO much malware," etc.) But fret not –– solutions abound. You can, for instance, click over to a site such as BleepingComputer.com, which has uploaded a comprehensive and easy-to-follow Mac Defender-removal kit.
Or you can visit the new Apple support page, which updated its anti-Mac-malware solutions. Of course, you still may be left with a question: Is this the sort of bug that Mac users should start getting used to? (In other words, will you have to stop incessantly teasing your PC user friends?) The answer: It's hard to say.
"There's a message implicit in Apple's support page and upcoming patch for Mac Defender: This is a single security threat, and we can handle it," Jared Newman writes over at PC World. "But as Mac Guard demonstrates, the response sets a precedent that could be difficult to maintain. A software update may repel Mac Defender and its variants, but I'd be shocked if future malware attacks didn't require a fresh response."