New rogue software expected to target Mac users

Share this article:

A website claiming to sell Macintosh anti-spyware software may soon spring to life to try to infect users with malware and harvest their credit card information, a Mac security firm warned on Friday.

According to a security memo from Intego, the company discovered the Macguard website Friday morning during routine monitoring, Intego spokesman Peter James told Friday.

The website claims its software will search hard drives for malicious adware, spyware and trojans; clean files; eliminate threats and ensure privacy.

The danger is that users might enter their credit card information to purchase the fake software, James said. If a user does, the website may harvest their account information.

The website does not yet include a downloadable trojan, but James predicted that there will probably be one added at some point.

Intego discovered that the website is a near word-for-word spin-off of another malicious website that promotes “Winiguard,” another fake security program.

The Macguard domain was registered Sept. 18 to the same person registered for the Winiguard site, James said.

That site, according to Sunbelt Software, falsely informs users that their Windows machines are infected with viruses in hopes of duping them to purchase the rogue product. If they do so, their machines may become infected with malware and face degraded performance.

Some 30 million PCs are infected with some form rogue software, stealing $10 to $15 million a month from people who are desperate to disinfect their PCs, Ryan Sherstobitoff, chief corporate evangelist at Panda Security told Friday.

Panda Security recently posted a blog about this threat.

“It's probably the biggest profit-driving system we have seen in years,” Sherstobitoff said.

The majority of these threats target Windows users, but that could change as the Mac user base increases, he said. 

James said the threat is already growing and as Apple's market share increases, targeting Mac users is becoming more lucrative for malware creators.

“Mac users are much more complacent in dealing with security issues than Windows users because they are not as used to dealing with these dangers,” he said.

The potentially malicious Macguard site

The Macguard site had some obvious indicators it is fake. The graphic on the site is of a Dell computer with an Apple logo placed on it, according to Intego. In addition, the website is riddled with typos and mentions having “Full Mac OS X Security Center Support” when there is actually no Mac security feature by this name.

A message sent to Macguard was not immediately returned.

Share this article:

Sign up to our newsletters

More in News

Instagram iOS and Android apps vulnerable to session hijacking

Two researchers wrote about the Instagram app for iOS and Android is vulnerable to session hijacking because both send unsecured information through HTTP.

Report: Hackers stole data from Israeli defense firms

A report by Brian Krebs detailed the intrusions, which occurred between Oct. 2011 and Aug. 2012.

Neverquest trojan targets regional banks in Japan

Symantec researchers found a new variant of the banking trojan.