MAC Defender

Posted: May 4, 2011

MAC Defender Description

MAC Defender is a rogue security program designed to target Macintosh computers. Harmful websites related to MAC Defender attempt to infect your computer by using fake infection warnings to frighten you into downloading MAC Defender of your own free will. Like other rogue security programs, MAC Defender will hijack your web browser to redirect you to harmful websites as well as displaying fake error messages about nonexistent threats to your computer. You should avoid paying for MAC Defender at all costs, and remove MAC Defender from your system by using Macintosh-compatible anti-malware software.

Rogue Security Applications – No Longer Just for Windows

Websites that market MAC Defender abuse search engine keywords to appear high in search results for Google and other popular search engines. However, it should be noted that MAC Defender is unaffiliated with both macdefender.org and macdefender.com, which are legitimate websites. Malicious MAC Defender-linked websites are known for displaying fake Windows alert screens that warn you about a (fake) system infection. JavaScript is then exploited to download MAC Defender onto your computer.

Despite the Windows appearance of the initial alert, MAC Defender is designed to target Mac OS X computers instead of Windows-based systems. Although MAC Defender has a very sleek appearance with relatively few flaws, MAC Defender is not an official Macintosh program. The most obvious telltale sign of MAC Defender's fraudulent nature is the fact that 'Mac' is spelled in all caps; in the legitimate Macintosh brand, 'Mac' is spelled with only an uppercase 'M.'

So far, the initial installer for MAC Defender is always a .zip file; one observed name for the file is 'BestMacAntivirus2011.mpkg.zip.' Unusually for a rogue security program, MAC Defender may require some user interaction to install via password input. At least two different delivery packages for MAC Defender have been seen - one containing a proper installer, while the other simply contains the ready-to-run program.

After MAC Defender Gets into Your Computer

By adding itself to your Login Items, MAC Defender will launch every time your computer starts. The main problems associated with MAC Defender include:

  • Fake system scans that indicate serious problems with your computer, such as dialer infections in the Terminal or the presence of rootkits.
  • Being redirected to pornographic websites by way of the default web browser application.
  • Creating Growl-based warnings about infections that your computer, in reality, doesn't have. Here's an example of one error that MAC Defender uses:

    The system is infected
    Your system is infected. It's highly recommended to cleanup your system to protect critical information like credit card numbers, etc.

MAC Defender causes these problems in an attempt to procure your credit card number in exchange for purchase of a full version license. Licensing MAC Defender will cause MAC Defender to stop producing fake errors but other problems may remain. There is also no Dock icon that would let you disable MAC Defender.

Instead of giving your credit card to criminals, you should consider using good anti-malware software to delete MAC Defender. Be certain to update your software before undergoing a system scan, since MAC Defender is fairly new as of May 2011 and may avoid scanners that aren't updated.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to MAC Defender may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %UserProfile%\Desktop\MacDefender.lnk
    2 %UserProfile%\Start Menu\Programs\MacDefender.lnk
    3 /Application/MacDefender.app/
    4 /Application/MacDefender.app/Contents
    5 /Application/MacDefender.app/Contents/Info.plist
    6 /Application/MacDefender.app/Contents/MacOS
    7 /Application/MacDefender.app/Contents/MacOS/MacDefender
    8 /Application/MacDefender.app/Contents/PkgInfo
    9 /Application/MacDefender.app/Contents/Resources

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\Software\MAC Defender

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to MAC Defender may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.