MACDefender, or Mac Defender, is a Trojan horse that first appeared in early 2011, masquerading as an antivirus program in an attempt to get users to share their credit card information over an unsecured site. The MACDefender rogue antivirus software targets Mac users via a phishing scam that redirects the users from legitimate sites to fake sites that make the user think their computer has been infected with a virus.
If a user were to click on the bogus link and install the MACDefender software, he or she would be presented with a professional-looking but ultimately fake antivirus program. The MACDefender malware installation could also begin automatically if Safari s “open safe file after downloading” option had been selected.
Once installed, MACDefender will periodically open pornographic sites in an attempt to make users believe they have a virus on their computer and as a result need to purchase the “registered version” of the MACDefender software with a credit card.
Variants of the original MACDefender Trojan have appeared recently with names such as Mac Security and Mac Protector. Apple has released a software update that automatically finds and removes the Mac Defender malware as well as its currently known variants.