By Greg Mills

Well, I read about it and now I have seen it myself. I was searching Google images for “Arabic decor” when, suddenly, I opened an image and got a number of pop-ups that warned me my computer was infected — and also magnanimously offered to help me.  

I had the pop-up blocker on Safari turned on, so it overcame that feature. A number of Safari style small windows popped up as well as an app installation window.  I shut down Safari and checked my hard drive for “Mac Defender” and didn’t find anything. Recent versions of Mac Defender don’t even need authorization to load, so I was concerned.

It is easy to see how users who hadn’t heard about that Apple specific malware could be taken in. The news on the web is that a Russian company called ChronoPay is involved. The financial controller, Alexandra Volkov of ChronoPay, has tentatively been linked to Mac Defender malicious rogue application. ChronoPay denies the accusation but has a history of selling worthless virus protection, so it all fits together.  

Apple is reportedly preparing to “patch the vulnerability” of Apple system software with the next update of the Mac OS X. Patching the tendency of the user to download malware applications is much harder. When something like Mac Defender pops up, shut down the browser and don’t click any buttons, they may not do what they are labeled to do.  

While the Mac Defender isn’t a worm or virus, it is malware since, once loaded, it makes your computer do things you don’t want it to do. It is sort of a rogue application rather than a Windows style virus or worm. Security experts on the Mac OS all make it clear, Mac Defender isn’t a fault of the Mac OS or Apple, per se.

One of my readers sent me a quotation from Peter James, spokesperson for Intego: “This is not a Mac OS X vulnerability, but social engineering, taking advantage of users who are unaware of what is happening”

I am of the opinion ChronoPay ought to pay in the form of having all their web sites being blocked by Safari. Google ought to also warn of potential malware for any web site that links to ChronoPay, even as a merchant using ChronoPay services. I presume from what I read that ChronoPay is sort of like a Russian Mob version of PayPal.  

Thats Greg’s Bite on Mac Defender.

(Greg Mills is currently a graphic and Faux Wall Artist in Kansas City. Formerly a new product R&D man for the paint sundry market, he holds 11 US patents. Greg is an Extra Class Ham Radio Operator, AB6SF, iOS developer and web site designer. He’s also working on a solar energy startup using a patent pending process for turning waste dual pane glass window units into thermal solar panels used to heat water see: Married, with one daughter, Greg writes for intellectual property web sites and on Mac/Tech related issues. See Greg’s art web site at He can be emailed at )