Mac users have recently been targeted by a phishing scam that falsely claimed their computers were infected with a virus. Upon being redirected to an illegitimate website, users were instructed to install “Mac Defender,” which was malware masquerading as an antivirus application. Until recently, Apple had reportedly instructed its AppleCare support reps to deny any existence of the problem and said reps should “not remove or uninstall any malware” found on a computer. On Tuesday, however, Apple finally acknowledged the issue and posted instructions on its support forums that cover how to avoid and remove the Mac Defender malware. Hit the jump for Apple’s instructions.

Removal steps

• Move or close the Scan Window
• Go to the Utilities folder in the Applications folder and launch Activity Monitor
• Choose All Processes from the pop up menu in the upper right corner of the window
• Under the Process Name column, look for the name of the app and click to select it; common app names include: MacDefender, MacSecurity or MacProtector
• Click the Quit Process button in the upper left corner of the window and select Quit
• Quit Activity Monitor application
• Open the Applications folder
• Locate the app ex. MacDefender, MacSecurity, MacProtector or other name
• Drag to Trash, and empty Trash

[Via The Register]

Read

A recent rumor of a Gmail security vulnerability that reportedly led to people having their domains hijacked was proven to be false on Wednesday. The rumor claims that a flaw in Gmail allowed unauthorized users to access a user’s Gmail account and create a forwarding filter without their knowledge; effectively stealing all incoming email. The flaw, reported by Geek Condition, was brought to light on Sunday with several Gmail users complaining that their domain names were hijacked because of this vulnerability. Google launched their own investigation and announced on Wednesday that a Gmail security was not to blame. Rather, the people who reported hijacked domains were the victims of an elaborate phishing scam. The hackers sent emails to web domain owners encouraging them to visit fraudulent websites such as google-hosts.com whose sole purpose was to steal Gmail usernames and passwords. Once obtained, the usernames and passwords were used to create forwarding filters in compromised Gmail accounts and the information from the forwarded emails was then used to hijack the domains. Whew, Google dodged the bullet on that one and all Gmail users can rest easy now knowing that the reported Gmail security vulnerability is non-existent.

Read