Intego discovered the Mac Defender fake antivirus, which targets Mac users via SEO poisoning attacks web sites set up to take advantage of search engine optimization tricks to get malicious sites to appear at the top of search results. Since then, several variants have appeared: MacDefender, MacProtector and MacSecurity, all of which are the same application using different names. Intego today discovered a new variant of this malware that functions slightly differently.
MAC Defender is a rouge anti-virus program for Mac OS X being distributed via the web that will “detect” nonexistent threats as being present on the user’s system in an effort to persuade them to hand over their credit card information and purchase a “subscription” to the program. If the user does not purchase, the program will start popping up pornographic websites to create an actual problem on the system. SecureMac offers full analysis and removal instructions.