October 17, 2008

New rogue software expected to target Mac users

A website claiming to sell Macintosh anti-spyware software may soon spring to life to try to infect users with malware and harvest their credit card information, a Mac security firm warned on Friday.

According to a security memo from Intego, the company discovered the Macguard website Friday morning during routine monitoring, Intego spokesman Peter James told SCMagazineUS.com Friday.

The website claims its software will search hard drives for malicious adware, spyware and trojans; clean files; eliminate threats and ensure privacy.

The danger is that users might enter their credit card information to purchase the fake software, James said. If a user does, the website may harvest their account information.

The website does not yet include a downloadable trojan, but James predicted that there will probably be one added at some point.

Intego discovered that the website is a near word-for-word spin-off of another malicious website that promotes “Winiguard,” another fake security program.

The Macguard domain was registered Sept. 18 to the same person registered for the Winiguard site, James said.

That site, according to Sunbelt Software, falsely informs users that their Windows machines are infected with viruses in hopes of duping them to purchase the rogue product. If they do so, their machines may become infected with malware and face degraded performance.

Some 30 million PCs are infected with some form rogue software, stealing $10 to $15 million a month from people who are desperate to disinfect their PCs, Ryan Sherstobitoff, chief corporate evangelist at Panda Security told SCMagazineUS.com Friday.

Panda Security recently posted a blog about this threat.

“It's probably the biggest profit-driving system we have seen in years,” Sherstobitoff said.

The majority of these threats target Windows users, but that could change as the Mac user base increases, he said. 

James said the threat is already growing and as Apple's market share increases, targeting Mac users is becoming more lucrative for malware creators.

“Mac users are much more complacent in dealing with security issues than Windows users because they are not as used to dealing with these dangers,” he said.


The potentially malicious Macguard site

The Macguard site had some obvious indicators it is fake. The graphic on the site is of a Dell computer with an Apple logo placed on it, according to Intego. In addition, the website is riddled with typos and mentions having “Full Mac OS X Security Center Support” when there is actually no Mac security feature by this name.

A message sent to Macguard was not immediately returned.

Related Articles
Related Topics

Sign up to our newsletters

More in News

Bitcoin mining botnet has become one of the most prevalent cyber threats

Fortinet researchers have tracked 100,000 new ZeroAccess trojan infections per week, making the botnet very lucrative to its owners.

House Intelligence Committee OKs amended version of controversial CISPA

House Intelligence Committee OKs amended version of controversial ...

Despite the 18-to-2 vote in favor of the bill proposal, privacy advocates likely will not be satisfied, considering two key amendments reportedly were shot down.

Judge rules hospital can ask ISP for help in ID'ing alleged hackers

Judge rules hospital can ask ISP for help ...

The case stems from two incidents where at least one individual is accused of accessing the hospital's network to spread "defamatory" messages to employees.