This script is Copyright (C) 2011-2017 Tenable Network Security, Inc.
The remote Mac OS X host appears to have been compromised.
Using the supplied credentials, Nessus has found evidence that a fake
antivirus software named Mac Defender (alternatively, MacDefender,
MacGuard, MacProtector or MacSecurity) is installed on the remote Mac
OS X host.
The software is typically installed by means of a phishing scam
targeting Mac users by redirecting them from legitimate websites to
fake ones that tell them their computer is infected with a virus and
then offers this software as a solution.
Once installed, the malware will perform a 'scan' that falsely
identifies applications such as 'Terminal' or even the shell command
'test' ('[') as infected and will redirect a user's browser to porn
sites in an attempt to trick people into purchasing the software in
order to 'clean up' their system.
See also :
Follow the steps in Apple's advisory to remove the malware.
Risk factor :
Critical / CVSS Base Score : 10.0
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now