Mac Defender, a malware that struck Mac computers earlier this month, had generated a great deal of panic in the Apple community, busting the virus-proof myth that Mac once held. The malware is essentially fake anti-virus software, giving false alarms to the users that their device is under threat. Upon installing the malware, it will lure the users into giving their credit card information.
Apple, who had been quiet about the issue for a while, had made an announcement on May 24, finally admitting the danger and promising that a system update that will remove Mac Defender will be available soon. The update was made available on Tuesday, May 31, just in time for Steve Jobs to have a breather before the annual Apple Worldwide Developers Conference kicks off on June 6, 2011. If the update had been delayed further, Jobs would have had tough time answering questions on Mac Defender at the conference.
The security update 2011-003, which is 2.36MB in size and works on Mac OS X 10.6.7, detects the Mac Defender malware, removes it and other known variants using the simple malware file quarantine feature that was first added to Mac OS X 10.6 Snow Leopard.
The quarantine feature examines external files downloaded within Mail, iChat, Safari or other file applications, warning users of downloads that match the malware definition.
It also regularly updates subsequent malware definitions to keep the Apple system clean.
One can download the security update by running software update in the Mac or by visiting Apple's download page.
If the daily security update check seem too intrusive, one can opt out of the daily malware definitions update check by unchecking the new Automatically update safe downloads list check-box in Security Preferences.
And, in case, you're not able to download the security update, try the following steps to remove the rogue antispyware program:
- Move or close the Scan Window
- Go to the Utilities folder in the Applications folder and launch Activity Monitor
- Choose All Processes from the popup menu in the upper right corner of the window
- Under the Process Name column, look for the name of the app and click to select it; common app names include: Mac Defender, Mac Security or Mac Protector
- Click the Quit Process button in the upper left corner of the window and select Quit
- Quit Activity Monitor application
- Open the Applications folder
- Locate the app ex. Mac Defender, Mac Security, Mac Protector or other name
- Drag to Trash, and empty Trash