The MacSweeper application claims to wipe computers clean of compromising files but is only out to charge users a fee, researchers said. If users run the free scan, they are told their machines contain numerous privacy violations and security vulnerabilities.
But if users pony up the $40 fee to install the application and remediate the alleged security shortfalls, nothing gets fixed, Dave Marcus, security researcher and threat manager with McAfee Avert Labs, told SCMagazineUS.com today.
“It's what's known as a rogue application,” he said. “It does not do anything except to get you to try to pay for it. This is classic social engineering. It's getting you to download and install it.”
These bogus scanning tools are common on Windows platforms – SpySheriff and Cleanator are two examples – but this is the first time something like this has targeted Mac users, experts said.
“So what does the first Mac rogue application really mean?” Patrik Runald, senior technology consultant at Finnish anti-virus firm F-Secure, wrote today on the company's blog. “It means that with Mac's growing popularity and growing user base come certain problems that can't be ignored. Mac users will increasingly come under attack from bad guys.”
News of the scam comes as the 2008 Macworld expo opens in San Francisco, on the heels of Apple's most profitable year in history.
Marcus said that Apple may offer an inherently more secure operating system that Windows, but businesses deploying Macs should keep users educated and be ready to fend off future attacks.
In November, Intego, a Mac internet security and privacy software maker, discovered a DNS-changer trojan actively exploiting Mac operating systems.
“I think people need to be real cautious in going to sites like this to download stuff in the first place,” he said of the MacSweeper site. “They also need to seriously consider the same types of security software and anti-spyware that's commonplace in the Windows world.”
An Apple spokeswoman did not immediately respond to a request for comment.