New rogue software expected to target Mac users

Share this article:

A website claiming to sell Macintosh anti-spyware software may soon spring to life to try to infect users with malware and harvest their credit card information, a Mac security firm warned on Friday.

According to a security memo from Intego, the company discovered the Macguard website Friday morning during routine monitoring, Intego spokesman Peter James told Friday.

The website claims its software will search hard drives for malicious adware, spyware and trojans; clean files; eliminate threats and ensure privacy.

The danger is that users might enter their credit card information to purchase the fake software, James said. If a user does, the website may harvest their account information.

The website does not yet include a downloadable trojan, but James predicted that there will probably be one added at some point.

Intego discovered that the website is a near word-for-word spin-off of another malicious website that promotes “Winiguard,” another fake security program.

The Macguard domain was registered Sept. 18 to the same person registered for the Winiguard site, James said.

That site, according to Sunbelt Software, falsely informs users that their Windows machines are infected with viruses in hopes of duping them to purchase the rogue product. If they do so, their machines may become infected with malware and face degraded performance.

Some 30 million PCs are infected with some form rogue software, stealing $10 to $15 million a month from people who are desperate to disinfect their PCs, Ryan Sherstobitoff, chief corporate evangelist at Panda Security told Friday.

Panda Security recently posted a blog about this threat.

“It's probably the biggest profit-driving system we have seen in years,” Sherstobitoff said.

The majority of these threats target Windows users, but that could change as the Mac user base increases, he said. 

James said the threat is already growing and as Apple's market share increases, targeting Mac users is becoming more lucrative for malware creators.

“Mac users are much more complacent in dealing with security issues than Windows users because they are not as used to dealing with these dangers,” he said.

The potentially malicious Macguard site

The Macguard site had some obvious indicators it is fake. The graphic on the site is of a Dell computer with an Apple logo placed on it, according to Intego. In addition, the website is riddled with typos and mentions having “Full Mac OS X Security Center Support” when there is actually no Mac security feature by this name.

A message sent to Macguard was not immediately returned.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Reported breaches involving zero-day bug at JPMorgan Chase, other banks

Reported breaches involving zero-day bug at JPMorgan Chase, ...

Hackers exploited a zero-day vulnerability and gained access to sensitive information from JPMorgan Chase and at least four other financial institutions, reports indicate.

Data on 97K Bugzilla users posted online for about three months

During a migration of the testing server for test builds of Bugzilla software, data on about 97,000 Bugzilla users was inadvertently posted publicly online.

Chinese national had access to data on 5M Arizona drivers, possible breach ...

Although Lizhong Fan left the U.S. in 2007, the agencies responsible for giving him access to Americans' personal information have yet to disclose the details of the case to the public.