The Latest in IT Security

MacDefender undergoes a name change, MacShield

03
Jun
2011

The MacDefender malware has morphed again, now taking the guise of “MacShield.”   As in the case of its oldest sibling MacDefender, the MacShield variant has taken the name of a legitimate Mac OSX software product with small distribution, doubtless causing the real developer significant heartache.

The UI is essentially unchanged, but as usual all of the dialogs and alerts have been updated with the new naming:

 

The UI contains the typical reassuring gibberish bragging about 250 “specialists” working in “more than 10 countries,” and a database that includes “almost all known dangerous software.” With all that expertise on-hand, it’s rather surprising that doesn’t detect itself as malware.

To lure MacShield follows the same scareware tactics as the MacDefender malware.  The risk of infection can be reduced per the comments in my earlier blog, and removal of the malware follows the exisitng guidelines published by Apple or in our KB article here.

ESET Cybersecurity detects the MacShield variant as OSX/Adware.MacDefender.K.     

Leave a reply


Categories

SATURDAY, JULY 31, 2021
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments