Mac Defender (Easy Removal Guide) - updated Jan 2020
Mac Defender Removal Guide
What is Mac Defender?
Mac Defender is a Mac virus that displays fake virus alerts and steals credit card information
Mac Defender is a rogue anti-spyware program that tries to make users pay for the full licence by showing them virus infection alerts
Mac Defender is a rogue anti-spyware software released back in 2011 that was first discovered and analyzed by Mac security experts at Intego.[1] Less than a month after the malicious program started attacking users all over the world, Apple released a patch that would automatically detect and remove Mac Defender from all versions of macOS.
In most cases, Mac Defender virus infiltrates the system automatically while users browse through a malicious site, click on the pop-ups offering to update software (Java, Flash Player, Media Player) or get deceived by fake virus detection message – most of these sites are reached due to search engine optimization poisoning.[2]
As soon as Mac Defender fake antivirus is installed, it takes over the system by configuring various system settings, along with settings of Safari, Chrome, Firefox, or any other installed browser. After that, malware will focus on displaying false virus alarms in order to make users pay between US$59.95 to US$79.95 for the full version of the software. Those who proceed risk facing identity theft, as cybercriminals behind Mac Defender can also steal credit card details that were entered during the payment process.
Name | Mac Defender |
Type | Mac virus, Mac malware, scamware |
Also known as | OSX/MacDefender.F, OSX/MacDefender.G, OSX/FakeMacDef.A, Trojan-Downloader:OSX/FakeMacDef.A, Rogue:OSX/FakeMacDef.A |
Versions | Mac Protector, Mac Security, Mac Shield, Mac Guard |
Distribution | SEO poisoning attacks, malicious websites |
Main dangers | Mac Defender seeks to extort the credit card details from its victims who can later be used for malicious purposes, such as identity fraud/theft and targeted phishing attacks |
Removal | Download and install reputable anti-malware tool for macOS |
Optimization | To get rid of junk on your Mac, scan it with FortectIntego |
Besides seeking to steal credit card information from unsuspecting users, Mac Defender also will show users pornographic, as well as other potentially malicious content. In such a way, those that have the rogue installed on their system can make matters much worse, as the installation of other malicious software is a high possibility. This is why security experts always recommend using security software that would prevent infections like the Mac Defender virus.
The most important thing that you have to remember is that Mac Defender is not capable of performing a genuine scan. It only mimics the process and presents users with pre-coded search results in order to scare them into thinking that their computers are seriously infected. For example, one of the messages that the infected user may encounter reads the following:
The system is infected
Your system is infected. It's highly recommended to cleanup your system to protect critical information like credit card numbers, etc.
This way, Mac Defender rogue seeks to intimidate users into buying the premium version of this program, which is supposedly the only way to fix the errors and get rid of the alleged malware. In order to do that, you will be urged to click the “Register” button, disclose your credit card details, full name, and other personally identifiable information for making the payment and upgrading a supposedly powerful anti-malware.
Mac Defender is a type of Mac malware that tricks users to install it via fake online scan prompts
Security experts warn users not to purchase Mac Defender license due to several reasons:
- Mac Defender has no virus database, so it is capable of removing none of risk-posing programs;
- You may give away your money straight to cyber criminals;
- You may disclose sensitive data to online scammers.
In addition to that, we highly recommend you to get rid of Mac Defender rogue as it may initiate redirects to pornographic websites, cause slowdowns or system freezes, and similar issues, in order to make you think that your computer is contaminated with viruses.
Nevertheless, we are pretty sure that the only virus hiding in your computer is Mac Defender. If it has already started its fake scans, the best that you can do is run a full system scan with a powerful anti-malware tool. To find more details about Mac Defender removal, please check the bottom section of this article.
Mac Defender versions
Mac Defender is one of the hundreds of rogue anti-spywares, such as Antivirus Pro 2017, Protective Antivirus 2015, Zorton Win 8 Antivirus 2014, and many others. However, it differs from the others because it is specifically targeted at macOS, and at the time of its release was one of the first examples of Mac malware.
As soon as security researchers from Intego discovered Mac Defender Malware, new variants of it quickly followed.[3] These were exact copies of the original malware but were named differently – Mac Protector, Mac Security, Mac Shield, and Mac Guard. All the apps were designed to do the same thing and functioned identically – show fake alerts and steal users' credit card information.
According to ZDNet, there could have been approximately 60,000 users infected with Mac Defender at the time, all while Apply did not respond for almost a month, and the issue kept growing.[4] Fortunately, in late May 2011, the tech giant released a software update that would automatically detect and remove Mac Defender virus. Thus, those that have applied these patches should be safe from it.
Note: if you were infected with Mac Defender, you might find your computer running slow after it is terminated, as it might have dropped multiple useless files on the system. To clean it and boost the performance of your computer, scan it with FortectIntego.
Quickly after Mac Defender initial release, security experts noticed several other versions in the wild
Avoid rogue software to prevent data leak and further infections
Security experts have traced the main means through which this rogue can spread. First of all, you have to be extra careful with pop-up ads that pretend to be free online scanners. If people get tricked into using this scan, they get predetermined results informing about various computer infections and unconsciously activate this rogue anti-malware.
Always keep in mind that there is no such thing as an online computer check. Thus, clicking “fix” or any other button provided on the pop-up may end up with a rogue anti-spyware on your computer. In addition, it may be distributed via professional looking spam emails, fake software update alerts, and so on. Therefore, keep all these distribution methods in mind and try to bypass all suspicious content that shows up during your browsing.
Remove Mac Defender virus immediately
If you suspect that you have just installed the malware because it keeps delivering pop-ups and initiate fake system scans from time to time, you should not waste more time and remove Mac Defender without any delay. In order to do that, a full system scan with a reputable anti-malware is recommended, which will not only remove this rogue but will also get rid of its leftovers and other suspicious apps. For Mac Defender removal, we recommend running a full system check with SpyHunter 5Combo Cleaner, which is a powerful tool designed specifically for macOS-based computers.
To download this tool, you may have to close the Mac Defender window first. For that, you just have to click the (X) button or force the process to terminate. Note that background processes might still be running, which would hinder Mac Defender removal. To avoid that, you can call up the Activity Monitor and shut down the tasks related to the rogue app. Here's how:
- Click on Finder app located on your dock
- Select Applications
- Go to Utilities
- Double-click Activity Monitor
- Find all the tasks associated with Mac Defender and shut them down by pressing X at the top
You may remove virus damage with a help of FortectIntego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.
Getting rid of Mac Defender. Follow these steps
Delete from macOS
Remove items from Applications folder:
- From the menu bar, select Go > Applications.
- In the Applications folder, look for all related entries.
- Click on the app and drag it to Trash (or right-click and pick Move to Trash)
To fully remove an unwanted app, you need to access Application Support, LaunchAgents, and LaunchDaemons folders and delete relevant files:
- Select Go > Go to Folder.
- Enter /Library/Application Support and click Go or press Enter.
- In the Application Support folder, look for any dubious entries and then delete them.
- Now enter /Library/LaunchAgents and /Library/LaunchDaemons folders the same way and terminate all the related .plist files.
After uninstalling this potentially unwanted program (PUP) and fixing each of your web browsers, we recommend you to scan your PC system with a reputable anti-spyware. This will help you to get rid of Mac Defender registry traces and will also identify related parasites or possible malware infections on your computer. For that you can use our top-rated malware remover: FortectIntego, SpyHunter 5Combo Cleaner or Malwarebytes.
How to prevent from getting mac viruses
Choose a proper web browser and improve your safety with a VPN tool
Online spying has got momentum in recent years and people are getting more and more interested in how to protect their privacy online. One of the basic means to add a layer of security – choose the most private and secure web browser. Although web browsers can't grant full privacy protection and security, some of them are much better at sandboxing, HTTPS upgrading, active content blocking, tracking blocking, phishing protection, and similar privacy-oriented features. However, if you want true anonymity, we suggest you employ a powerful Private Internet Access VPN – it can encrypt all the traffic that comes and goes out of your computer, preventing tracking completely.
Lost your files? Use data recovery software
While some files located on any computer are replaceable or useless, others can be extremely valuable. Family photos, work documents, school projects – these are types of files that we don't want to lose. Unfortunately, there are many ways how unexpected data loss can occur: power cuts, Blue Screen of Death errors, hardware failures, crypto-malware attack, or even accidental deletion.
To ensure that all the files remain intact, you should prepare regular data backups. You can choose cloud-based or physical copies you could restore from later in case of a disaster. If your backups were lost as well or you never bothered to prepare any, Data Recovery Pro can be your only hope to retrieve your invaluable files.
- ^ Peter James. Intego Security Memo – MAC Defender Fake Antivirus Program Targets Mac Users. Intego. Security research blog.
- ^ Spamdexing. Wikipedia. The free encyclopedia.
- ^ Peter James. Intego Discovers New Variants of Mac Defender Fake Antivirus. Intego. Security research blog.
- ^ Ed Bott. Apple continues to tell support reps: do not help with Mac malware. ZDNet. Breaking news, analysis, and research .