The fact that such a site is providing a Mac rogue antivirus is new, and extremely rare. (One thing to point out is that, in the past, these types of sites-very common vectors of Windows malware-only delivered Windows. The application itself cannot be quit easily, as there is no Dock icon. Upon installation, the application adds itself to the user’s Login Items, so it will relaunch each time the user logs in or starts up their computer. VirusBarrier X6’s real-time scanner detects this installer when it is downloaded:Īnd VirusBarrier X6’s Web Threats protection detects pages that serve this installer:Īfter installation, a program called MAC Defender launches, displaying its interface, and adding a menu item to the Mac OS X menubar (the small, orange shield icon in the image below, which becomes red when the program “finds” viruses): If the user continues through the installation process, and enters an administrator’s password, the software will be installed. The file is decompressed, and the installer it contains launches presenting a user with the following screen: The file downloaded is a compressed ZIP archive, which, if a specific option in a web browser is checked (“Open ‘safe’ files after downloading” in Safari, for example), will open. After this, JavaScript on the page automatically downloads a file. When a user clicks on certain links after performing a search on a search engine such as Google, they are sent to a web site that displays a fake Windows screen with an animated image showing a malware scan a window then tells the user that their computer is infected. ![]() Risk: Low in the wild, but not very widespread for nowĭescription: Intego has discovered a fake antivirus program called MAC Defender, which targets Mac users via SEO poisoning attacks (web sites set up to take advantage of search engine optimization tricks to get malicious sites to appear at the top of search results). Malware + Recommended MAC Defender Fake Antivirus Program Targets Mac Users – Intego Security Memo
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |