Anti-virus outfit Intego has discovered a new malware program called MACDefender, which attacks Macs via SEO Poisoning. When unassuming users click a link after searching for something online in Safari, for instance, they are taken to a page which contains JavaScript which then downloads a file automatically. The group reports:
“In this case, the file downloaded is a compressed ZIP archive, which, if a specific option in a web browser is checked (Open “safe” files after downloading in Safari, for example), will open.”
It goes without saying that you shouldn’t install anything on your Mac unless you know exactly what it is, but for anyone that is worried, you should uncheck the default preference in Safari which allows “safe” files to open after downloading. This option is in the general section of Safari’s Preferences. The same goes for any other browser that you may use.
This malware program isn’t much threat at all right now, but according to MacRumors, some users only found out about the malware when they saw a pop-up asking for credit card information to sign up for an anti-virus package. This only happened when Safari was allowed to open “safe” files — so yeah, it may be a good idea to switch that off.
Article Via MacRumors
