New version of MacDefender scareware takes name of legit product MacShield
MacDefender, the fake antivirus malware targeting Mac OS users that stole headlines in the month of May has changed names yet again. It can now be found under the name "MacShield."
The fake antivirus program, best classified as scareware, has gone by five different names since it was discovered: MacDefender, MacProtector, MacSecurity, MacGuard, and MacShield. The premise of the malware and its UI remain unchanged from version to version, according to security companies Intego and ESET.
Though MacDefender was identified about a month ago, the real cat and mouse game between Apple and these particular malware authors has only been going on for a few days. Apple issued a Snow Leopard security update (2011-003) on May 31, and in less than 24 hours, the malware had already changed. After another signature update, the malware changed again.
Interestingly, the scareware's current name "MacShield" is also the name of a completely legitimate Mac product by Centurion Technologies. That MacShield, however, is a hard drive configuration protection tool for legacy PowerPC-based Macs and doesn't even exist for Snow Leopard.