Showing posts with label Malware. Show all posts

Sunday, June 5, 2011

How to Remove Mac Defender/Security/Protector Fake AntiVirus Phishing Malware


The false perception that Mac OS X is relatively safer than the Windows operating system has finally been shaken. Lately there has been a busload of fake anti-virus malware engaging in phishing attempts against Mac OS X users. The fake anti-virus malware works much like the Windows versions: the malware informs the user that the Macintosh is infected with a virus, and then offers the user fake anti-virus software under names such as MacDefender, MacProtector and MacSecurity.

The anti-virus program offered is actually fake and the offer is malicious in intent. The main aim of the malware is to steal the user’s credit card information for fraudulent purposes. This type of phishing attempt has been very common on the Windows platform, but has only recently been “ported” to the Mac OS X platform, which, unfortunately, is vulnerable too.

After days of denial and of blaming users for not exercising caution when visiting unknown websites and downloading unsafe programs, Apple has finally acknowledged the malware issue, and intends to release a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. The update will also help protect users by providing an explicit warning if they download this malware.

While users wait for the update, Apple has provided a guideline on how to avoid or manually remove this malware.

How to avoid installing this malware

If any notifications about viruses or security software appear, quit Safari or any other browser that you are using. If a normal attempt at quitting the browser doesn’t work, then Force Quit the browser.

To Force Quit an application, choose Force Quit from the Apple menu (or press Command

View the Original article

Saturday, February 12, 2011

New Malware captures Facebook account, warns Emsisoft

Emsisoft malware analysts have detected a massive outbreak of new Facebook Malware. A current variant even hijacks the user’s Facebook account.

Some time back, Emsisoft discovered the activities of the Facebook threat Trojan-Downloader.Win32.FraudLoad.

Now there is a new version, taking over one’s complete Facebook account!

A few days ago a new Facebook Malware became active. Users of Emsisoft Anti-Malware are already protected from the new variant detected as Worm.Win32.Yimfoca!A2 or Trojan.Win32.Scar!IK.



View the Original article

Saturday, September 18, 2010

Security Essentials Has An Evil Malware Clone

Reported by the Microsoft Malware Protection Center on Sept 1st, a new malware attack is out that not only tries to foist a fake clone of Microsoft Security Essentials on victims but also customizes fake browser warnings.

The attack looks strikingly similar to the real deal and it can be tricky to tell the difference even with an experienced eye. It starts out with a slick social engineering move by detecting what browser is in use and putting up the appropriate warning page. Right now it has warnings for IE, Firefox, and Chrome. The faked warning page looks almost exactly the same as the real warning page. The difference is that the fakes have some misspellings and also urge the user to get new virus protection via an update or upgrade.

When the user clicks the upgrade link, they are sent to the homepage to download the malware Rogue:MSIL/Zeven. The homepage is itself another clone; it closely resembles the real Microsoft Security Essentials homepage. It even has a link to the real Microsoft Malware Protection Center.

When installed, the malware looks like a convincing real anti-virus named Win7 AV with all the features, including scans, updates and alerts for out-of-date definitions, and settings, but none of it works. It will do the usual “scan” and then claim to have found a bunch of awful malware that it can’t remove without paying some money to upgrade to the full version. If the user decides to buy the full version, it pops a window that claims to have strong encryption in “Safe Browsing Mode” that will actually do nothing to secure credit card data.

Even though this is such a cunning attack, it is possible to avoid it by remembering a few details. First, real browser warnings won’t have a link or message trying to get the user to download anything; they will also have no misspellings. Second, Microsoft Security Essentials is totally free software, so they wouldn’t ask for money anywhere in the program or on the website. Careful browsing will avoid traps like this and others.

Be sure to visit the original article linked above for the great screenshots!



View the Original article