New rogue software expected to target Mac users

Share this article:

A website claiming to sell Macintosh anti-spyware software may soon spring to life to try to infect users with malware and harvest their credit card information, a Mac security firm warned on Friday.

According to a security memo from Intego, the company discovered the Macguard website Friday morning during routine monitoring, Intego spokesman Peter James told Friday.

The website claims its software will search hard drives for malicious adware, spyware and trojans; clean files; eliminate threats and ensure privacy.

The danger is that users might enter their credit card information to purchase the fake software, James said. If a user does, the website may harvest their account information.

The website does not yet include a downloadable trojan, but James predicted that there will probably be one added at some point.

Intego discovered that the website is a near word-for-word spin-off of another malicious website that promotes “Winiguard,” another fake security program.

The Macguard domain was registered Sept. 18 to the same person registered for the Winiguard site, James said.

That site, according to Sunbelt Software, falsely informs users that their Windows machines are infected with viruses in hopes of duping them to purchase the rogue product. If they do so, their machines may become infected with malware and face degraded performance.

Some 30 million PCs are infected with some form rogue software, stealing $10 to $15 million a month from people who are desperate to disinfect their PCs, Ryan Sherstobitoff, chief corporate evangelist at Panda Security told Friday.

Panda Security recently posted a blog about this threat.

“It's probably the biggest profit-driving system we have seen in years,” Sherstobitoff said.

The majority of these threats target Windows users, but that could change as the Mac user base increases, he said. 

James said the threat is already growing and as Apple's market share increases, targeting Mac users is becoming more lucrative for malware creators.

“Mac users are much more complacent in dealing with security issues than Windows users because they are not as used to dealing with these dangers,” he said.

The potentially malicious Macguard site

The Macguard site had some obvious indicators it is fake. The graphic on the site is of a Dell computer with an Apple logo placed on it, according to Intego. In addition, the website is riddled with typos and mentions having “Full Mac OS X Security Center Support” when there is actually no Mac security feature by this name.

A message sent to Macguard was not immediately returned.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.