Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Mac users hit by first rogue antivirus app

Poisoned searches - including Bin Laden death - used as lure

Article comments

Mac users are being warned to study search engine results carefully for the first significant fake antivirus ‘scareware’ program to target the platform and its loyal following.

The threat has been named OSX/MacDefender.A by Mac security specialists Intego, which on its own offers a clue to its unusual nature. This is not simply a cross-platform threat looking to widen its net to catch a few extra victims but a specially written program Mac application that just happens to be bogus.

The scam is identical in form to the large numbers of scareware scams faced by Windows users day in, day out. A malware link encountered through a poisoned search – currently including ones mentioning the death of Osama Bin Laden - launches a Java-based scan script that claims to find malware on the user’s system.

If the victim falls for this ruse, the malware starts to install a convincing-looking but bogus application called MAC Defender, which also requests the admin password. The application will then launch itself every time the Mac is turned on and makes it as difficult to stop running as the Dock function has been disabled.

“This application is very well designed, and looks professional,” note researchers for Intego, which first publicised the threat. “There are a number of different screens, and the grammar and spelling are correct, the buttons are attractive, and the overall look and feel of the program give it a professional look. It will occasionally display alerts, telling users that viruses are found.”

Fake antivirus has been around on Windows for several years where it has become a mundane and common threat barely worth mentioning. In the Mac world, it is unheard of which gives the criminals who took time and care to craft a Mac-only application the motivation to look for new victims.

It is worth mentioning, however, that the latest attack also comes in a.exe version to target Windows users.

Apple users tempted to pay for antivirus software in order to counter an infection, however imaginary, should be reminded that free programs for Macs are available from several companies, including Sophos and PC Tools.




Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *