New rogue software expected to target Mac users

Share this article:

A website claiming to sell Macintosh anti-spyware software may soon spring to life to try to infect users with malware and harvest their credit card information, a Mac security firm warned on Friday.

According to a security memo from Intego, the company discovered the Macguard website Friday morning during routine monitoring, Intego spokesman Peter James told Friday.

The website claims its software will search hard drives for malicious adware, spyware and trojans; clean files; eliminate threats and ensure privacy.

The danger is that users might enter their credit card information to purchase the fake software, James said. If a user does, the website may harvest their account information.

The website does not yet include a downloadable trojan, but James predicted that there will probably be one added at some point.

Intego discovered that the website is a near word-for-word spin-off of another malicious website that promotes “Winiguard,” another fake security program.

The Macguard domain was registered Sept. 18 to the same person registered for the Winiguard site, James said.

That site, according to Sunbelt Software, falsely informs users that their Windows machines are infected with viruses in hopes of duping them to purchase the rogue product. If they do so, their machines may become infected with malware and face degraded performance.

Some 30 million PCs are infected with some form rogue software, stealing $10 to $15 million a month from people who are desperate to disinfect their PCs, Ryan Sherstobitoff, chief corporate evangelist at Panda Security told Friday.

Panda Security recently posted a blog about this threat.

“It's probably the biggest profit-driving system we have seen in years,” Sherstobitoff said.

The majority of these threats target Windows users, but that could change as the Mac user base increases, he said. 

James said the threat is already growing and as Apple's market share increases, targeting Mac users is becoming more lucrative for malware creators.

“Mac users are much more complacent in dealing with security issues than Windows users because they are not as used to dealing with these dangers,” he said.

The potentially malicious Macguard site

The Macguard site had some obvious indicators it is fake. The graphic on the site is of a Dell computer with an Apple logo placed on it, according to Intego. In addition, the website is riddled with typos and mentions having “Full Mac OS X Security Center Support” when there is actually no Mac security feature by this name.

A message sent to Macguard was not immediately returned.

Share this article:

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.