MacDefender Now Spreading Via Facebook--Windows Users at Risk, Too


« SonyPictures.com Breached... How Does That Affect You? | Main | MacDefender Screenshots... So Here's What it Looks Like »

06/07/2011



MacDefender Now Spreading Via Facebook--Windows Users at Risk, Too

Kevin R. Smith
Co-Editor


MacDefender, the (in)famous fake antivirus software that prompted Apple to release updates to OSX specifically to help protect its users, is now on the loose on Facebook, too, and according to Sophos antivirus staffer Graham Cluely

Mac OS X malware is being spread by sick messages spreading virally across Facebook, claiming to be a video of controversial IMF boss Dominique Strauss-Kahn.

"The fake anti-virus attack first appears in your timeline as a message apparently posted by one of your friends.
This screenshot from his post to the Sophos blog on MacDefender spreading on Facebook shows what the fake post looks like:


The contents of the fake post are awful; what's next is also awful. Here's what Cluely describes happened to him:

Clicking on the link takes you to a webpage, which appears to consist of a still from a sex movie.

"However, when I visited the page on my Apple Mac I was rapidly redirected to a 'Mac Defender'-style fake anti-virus attack, written specifically with the intention of infecting my computer.
This time, we see a slightly different warning screen than prior ones that have surfaced.

Here's the first screenshot of MacDefender's bogus warnings:


...and now here's the most recent one Cluely saw:



It's a little different but the bogus message is the same, your computer is infected!

Whatever the case, it's 100% bogus and relies on users to install the malware, which is a trojan, by the way--definitely no good.

One last thing that's important to know about this MacDefender on Facebook problem: It's not just limited to Mac users: Windows users are now vulnerable, too, as,
If you click on the link from a Windows computer it's possible you could be taken to a webpage that attempts to infect you with the Troj/Mdrop-DMN Trojan horse.
So now what?

The bottom line is regardless of if you're running Mac or Windows, MacDefender is trying to get you in its crosshairs.

No matter what it's called or how it works, it's bogus.

Don't install it. If you do try to, and you're a Mac user, chances are the latest Mac update should help prevent installation or remove it if you've already got it. (If you need it, here are complete MacDefender removal instructions.)

If you're a windows user, removing it on your own is going to be more of a task and short of re-install Windows from scratch, it may require antivirus software to get rid of it.

Comments

You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.