homepage Welcome to WebmasterWorld Guest from 54.234.147.84
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / WebmasterWorld / The Macintosh Webmaster
Forum Library, Charter, Moderators: travelin cat

The Macintosh Webmaster Forum

    
Fake Mac Security Software Catching Out Users
engine




msg:4314753
 4:17 pm on May 19, 2011 (gmt 0)

Fake Mac Security Software Catching Out Users [bbc.co.uk]
A fake security program for Apple computers called MACDefender has racked up a significant number of victims.

Hundreds of people who installed the software have turned to Apple's forums for help to remove it.

The program's tactic of peppering screens with #*$!ographic pictures has made many keen to get rid of it.

MACDefender seems to have been successful because of the work its creators did to make it appear high up in search results.



Is the Mac now fare game? It used to be reasonably clear of scamware. Android/Chrome O/S will be next, i'm sure.

Earlier
MacOS Crimekit is disturbing news [webmasterworld.com]

 

lucy24




msg:4314813
 5:28 pm on May 19, 2011 (gmt 0)

MACDefender seems to have been successful because of the work its creators did to make it appear high up in search results.

Some folks around here would probably like details ;)

incrediBILL




msg:4314911
 8:28 pm on May 19, 2011 (gmt 0)

I've always said the Mac was only secure because of it's relative obscurity in low numbers and now that Apple has managed to improve market penetration, so have the hackers.

People will be scrambling for Norton for Mac now.

Enjoy!

wondering where all the smarty pants are now that always jump on windows security issues claiming Mac did it right... bwahahahaha

J_RaD




msg:4314914
 8:30 pm on May 19, 2011 (gmt 0)

oh but all the mac people will tell you a Mac can't get viruses and malware, even apple will tell you the same thing in their commercials

:-P

travelin cat




msg:4315270
 2:11 pm on May 20, 2011 (gmt 0)

J_RaD, only the ignorant people will say that. Just like on any platform.

Samizdata




msg:4315392
 4:41 pm on May 20, 2011 (gmt 0)

Some folks around here would probably like details

Reports I have seen suggest that it has been exploiting high Google rankings for searches as diverse as "Osama bin Laden", "Mothers' Day" and "Frank Lloyd Wright". Google Image searches seem to be particularly affected. I have yet to see anyone blame a panda.

The host site apparently uses a pop-up window claiming infections have been detected and offering a scan - the scan (actually an animation) takes a few seconds and in some reports claims that viruses have been detected on the C drive (seriously).

Some variants do an immediate drive-by download of a .zip archive that may automatically be opened depending upon browser settings. Safari, Chrome and Firefox have all been cited.

It is not a virus. It is scareware and has to be installed manually. I have seen no reports of any actual system damage, though some people have paid for the program by credit card.

Removal is done by terminating the active process in Activity Monitor before deleting the application and any associated files found with a basic search.

Comments on various forums unsurprisingly confirm that idiots who own Macs are just as stupid as idiots who habitually use other platforms.

Enjoy!

Thank you.

...

engine




msg:4315399
 4:47 pm on May 20, 2011 (gmt 0)

Yeah, I did say it was scamware. ;)

Either way, as was rightly indicated, this will get worse as iPads/tablets and Android, etc., take off.

incrediBILL




msg:4315406
 5:05 pm on May 20, 2011 (gmt 0)

It is not a virus. It is scareware and has to be installed manually.


Many viruses have to be installed manually as well, such as clicking the file attachment in the email.

It's more often human stupidity spreading a virus or a botnet than an actual OS vulnerability because people are stupid, naive and greedy and will often fall for anything like "click here to get your $500 Walmart gift certificate"

Samizdata




msg:4315408
 5:09 pm on May 20, 2011 (gmt 0)

this will get worse as iPads/tablets and Android, etc., take off

My understanding is that the same scamware (presumably under a different name) is also available for Windows, where a couple of hundred victims might be deemed insignificant.

What struck me here was how easily Google Image search is being exploited.

...

martinibuster




msg:4315434
 5:43 pm on May 20, 2011 (gmt 0)

where a couple of hundred victims might be deemed insignificant.


More than that have encountered this issue. The hundreds mentioned in the article are only the ones who have turned to the forums for help. ;)

+1 for incredibill. False sense of security and all that. It doesn't mean that Macs are as insecure as Windows. Just that hackers/scammers are turning to the next ripe target. I don't think any OS or device is hacker or exploit proof.

Samizdata




msg:4315448
 6:11 pm on May 20, 2011 (gmt 0)

I don't think any OS or device is hacker or exploit proof

I entirely agree.

But having looked at quite a lot of user reports, almost without exception those who knew how they had been infected with this particular nasty mentioned Google Image Search, and that is what I found most interesting.

...

Solution1




msg:4315604
 4:37 am on May 21, 2011 (gmt 0)

An AppleCare support rep says this [zdnet.com] about what they're supposed to do about MacDefender when customers call them for help:

Our notice for Mac Defender is that we’re not supposed to help customers remove malware from their computer.

Samizdata




msg:4315629
 8:11 am on May 21, 2011 (gmt 0)

To be fair, the anonymous source continues:

"We give them links to Norton. McAfee, and Sophos."

All are reportedly effective in this case. Only one is free for home use, however.

A similar policy seems to apply at Apple stores, where staff are apparently instructed not to remove malware themselves (presumably because doing so is not covered in the customer "care plan") but to recommend the installation of reputable antivirus software.

Some of which may conveniently be available for purchase on the spot, of course.

Meanwhile, the "SEO poisoning" of Google Image Search seems to be a hot topic in its own right, and one which probably deserves its own (cross-platform) thread:

[krebsonsecurity.com...]

...

J_RaD




msg:4316091
 1:21 am on May 23, 2011 (gmt 0)


but to recommend the installation of reputable antivirus software.

Some of which may conveniently be available for purchase on the spot, of course.


OUCH, to add insult to injury they don't fix your problem and SELL your something else.

I guess its better then saying, oh your imac got infected shoot just toss it and buy another one.

travelin cat




msg:4316307
 3:17 pm on May 23, 2011 (gmt 0)

Looks like another even more insidious phishing email is out:
We've received a number of warnings from readers over the last couple of weeks about fraudulent emails that look a lot like official Apple emails. These emails are structured just like Apple's promotional emails, but are actually attempts to lure unsuspecting customers into entering their Apple IDs and other personal information. Such so called "phishing" attempts are common and readers should be wary about following links from any emails.

[macrumors.com...]

travelin cat




msg:4317415
 2:18 pm on May 25, 2011 (gmt 0)

Apple has published instructions on how to remove the Mac Defender malware:

[support.apple.com...]

incrediBILL




msg:4317432
 2:51 pm on May 25, 2011 (gmt 0)

This MacDefender thing was on the local news today and they said Apple is going to release some sort of "fix", whatever that could be.

weeks




msg:4319619
 4:10 pm on May 30, 2011 (gmt 0)

Here is some worthwhile information from our friends at SANS.org:
[isc.sans.org...]

Users must be active in the install to have to worry about this malware. It pretends to a "useful" program. It's mostly social engineering. So, to answer the question in the initial post, "Is the Mac now fare game? It used to be reasonably clear of scamware," I would say no more or less than before.

incrediBILL said...

I've always said the Mac was only secure because of it's relative obscurity in low numbers and now that Apple has managed to improve market penetration, so have the hackers.

wondering where all the smarty pants are now that always jump on windows security issues claiming Mac did it right... bwahahahaha
This smarty pants, for one, is right here, still very, very happy not to have all of the pain and suffering caused by the sloppy work of Windows. You can continue to believe the myth that Apple's OS is not superior in the real world, but that's not going to make it true.
J_RaD




msg:4320538
 2:20 pm on Jun 1, 2011 (gmt 0)

security by obscurity.... isn't security at all, and they've been waving that flag wayyyyy to long, only a matter of time until someone paid attention to all of these unlocked doors.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / The Macintosh Webmaster
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved