While Mac computers are commonly considered safer from viruses than Windows PCs, attacks against Apple machines are on the rise, as evident by the emergence of a new bit of malware targeting Mac users.
According to a recent memo issued by security firm Intego, a new, more dangerous version of the Mac Defender scareware called MacGuard has surfaced as Apple prepares for the release of a security update for Mac OS X.
Like other variations of Mac Defender, MacGuard attempts to steal users’ credit card information through search engine optimization attacks, meaning it exploits popular Internet search terms to spread to Mac OS X-based machines.
However, the new malware is different from previous versions because it does not require user permission to be installed. As Intego pointed out, if the “Open safe files after downloading” option is checked in Safari, a downloader called avRunner will automatically be installed on the machine. avRunner will then download a fake security program, MacGuard, which will request users to submit credit card information.
If Mac users do access a web page that looks similar to the Finder window, the security firm recommended the web browser be closed immediately. Also, unchecking the Open safe files options in Safari should prevent such malware from being installed.
Last week, Apple announced that it would issue a new software update to detect and remove the MacDefender malware from a Mac OS X machine. Additionally, the update will warn users if they have downloaded the fake antivirus for Mac software.
Traditionally, cybercriminals have focused their efforts on the more widely used Windows-based PCs than on Macs. However, in recent years, the growing popularity of Apple computers have made them more popular targets for hackers, as evident with the emergence of such Mac-focused malware as the OSX_JAHLAV.D, OSX_JAHLAV.I and OSX_LAMZEV.A.