Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Fake AV software for Mac causing headaches for users

The software, also known as MacSecurity, has spread rapidly in the past month since Infosecurity first highlighted the fake AV, according to reports from news wires, including the BBC.

Like the much more common PC forms of so-called "scareware", MacDefender appears to scan computers, reports bogus issues and then offers to fix them for a fee.

The software also links to pornographic websites to trick victims into thinking their computer is infected and pressuring them into parting with cash.

Security experts say that, although such attacks are much lower than similar attacks aimed at users of the Microsoft Windows operating system, they do exist and cannot be ignored.

Although the attacks targets both Mac and Windows users, it may more easily trick Mac users as it sometimes poses as a legitimate security program called MacDefender, says Graham Cluley, senior technology consultant at Sophos.

Demonstrating how quickly the fake AV has proliferated among Mac users, ZDNet's Ed Bott reported that one AppleCare representative said the help site's call volume has increased four- to five-fold, with "the overwhelming majority] of our calls...about this Mac Defender and its aliases."

Meanwhile, over at Microsoft, a recent blog post from the company's Malware Protection Center has highlighted the similarities between the MacDefender attacks and similar fake AV exploits that target Windows.

"The product, which calls itself MacDefender, is being distributed in much the same format as its Windows-based cousins: through an imitation scanner interface which runs within the browser", the post noted.

To prevent infection of a Mac, the Microsoft Malware Protection Center has advised Mac users to disable Safari's "open safe files" feature to prevent an automatic download of the fake AV.

Portions of this article were first published by Computer Weekly

What’s Hot on Infosecurity Magazine?