Ramblings of this guy you know!

Tech Stuff and random observations on life as I see it….

Its time has cometh – New Mac OSX Trojan Horse

I am sure that most of you reading this will already be aware of this issue, if so, move along… Nothing to see.. Likewise, if you are a user of Windows you can stop, point, say I told you so and then move on…. Otherwise please read on…

Users of Mac OSX have up until now been relatively immune to the virus problems occurring on Microsoft Windows which has had the largest market share for many years… It hasn’t lost it’s crown yet, but it has tipped slightly and late last year Mac sales tipped over the 10% level. This peeking over the parapets has come with it’s own set of problems…

It certainly isn’t the first virus to hit the Mac but its certainly the one that seems to have received the most press attention…. This particular one is going under the name MAC Defender which is similar in name to the legitimate site called MacDefender… It is also apparently coming out under the names Mac Protector and Mac Security too.. It has to be said, this Trojan is out to trap the unwary and a competent user will spot the Windows Explorer scan as false and will also (hopefully) be suspicious when asked to enter their password to install the application in the first place… However, you may want to make your less savvy friends and relatives know so they dont fall for the ploy.

The Trojan was identified by the Security firm Intego ( Link to the post here: “http://blog.intego.com/2011/05/02/intego-security-memo-macdefender-fake-antivirus/”) and it is spread through SEO poisoning (web sites set up to take advantage of search engine optimisation tricks to get malicious sites to appear at the top of search results).

If the links are followed, a javascript application is executed to tell you that a virus has been detected on your system… Clicking OK gives you your second warning that something is wrong as the page it displays looks distinctly “Windows” in nature… All sorts of malware will be detected and you will be given the option to download the Zip Archive of Mac Defender onto your Mac. If you have the option set to Auto Open “safe” files in the likes of Safari then the zip will open and a genuine Mac installer will run and install the software on your Mac. From there the program will open and inform you that you have viruses a-plenty on your system but when you got to clean your system then you need to register your application for a sum of money.

Intego have also said that their own VirusBarrier product will protect you from this Trojan.

More information and screenshots can be found on the Intego blog here: http://blog.intego.com/2011/05/02/intego-security-memo-macdefender-fake-antivirus/ and an update with notifications of new variants here: http://blog.intego.com/2011/05/05/intego-discovers-new-variants-of-mac-defender-fake-antivirus/

Here’s a link to an official Intego You Tube video showing you the whole infection process…


4 responses to “Its time has cometh – New Mac OSX Trojan Horse

  1. Pingback: I take a week off work and the Internet went to heck on a handcart « Ramblings of this guy you know!

  2. Pingback: It Bites: MACdefender Trojan on Macs « Ramblings of this guy you know!

  3. Pingback: Recent Tech articles – 13th-22nd May 2011 « Ramblings of this guy you know!

  4. Pingback: MACDefender: The fix – Apple shows the way! « Ramblings of this guy you know!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: