June 28, 2011
The Latest Activity from Mac’s Scareware Gang
The Scareware Gang, responsible for the most recent release of fake Mac security software, has updated its programs (known as scareware) to elude the updates Apple recently applied to its operating system. The newest sample released by the group got through the system undetected by Apple’s antivirus patch. This new malware file can be identified on a host computer as mdinstall.pkg. If installed, it creates fake MacGuard software.
Reaction from Mac Security Experts
Mac security experts are not surprised that this new variant became available so soon after Apple released its patch. The attackers are clearly following the news and are extremely efficient with their releases. Known as “Snow Leopard”, the Mac security patch warns users that they have downloaded fake Mac security software and cleans infected machines.
About the Scareware
Known as “rogueware”, the scareware released by the group creates bogus security software that reports the host computer as heavily infected with viruses, malware, worms and other malicious code. Once the scareware program is installed, it constantly bothers users with pop-ups and fake alerts until they activate the software by paying for a key. The software demands between $60 and $80.
New Variants
The first instance of this virus was found at the beginning of May 2011. Since that time, several variants have surfaced, most of which automatically install without a password. The newest version, MacDefender, appeared within several hours of the release of the Apple security update.
Cat and Mouse Game
Experts predict that the Scareware Gang will continue to release counters to Apple’s efforts in an ongoing cat-and-mouse game. Since it appears to have worked many times, the group is making money off the bogus software. Releasing a new version when the update was announced and another once the update was released confirms that the group is right on top of everything. Continuously releasing counter-attacks proves the group is making money.
How the Update Works
The Apple update is based on individual fingerprints of code that allow the software to detect a virus. The group therefore changed part of the old code to bypass the antivirus system, making it different enough that the code was not detected by the real MacDefender.
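An added example, not from the original article and not Apple's actual detection code: a simplified Python model of fingerprint matching, showing why an exact fingerprint misses a sample with part of its code changed and how a defender's similarity check over overlapping byte windows still flags it. The sample byte strings, the function and class names, and the 0.5 threshold are constructed for illustration.

```python
import hashlib

# Constructed stand-ins for installer contents; harmless text, not real samples.
BODY = b"show fake scan results and nag the user until a licence key is bought;"
ORIGINAL = b"installer:" + BODY + b"rev=A1"
VARIANT = b"installer:" + BODY + b"rev=B7"   # part of the old code changed
BENIGN = b"photo album viewer with slideshow, captions and print ordering support"

def exact_fingerprint(data: bytes) -> str:
    """Whole-file fingerprint: any changed byte yields a different value."""
    return hashlib.sha256(data).hexdigest()

def windows(data: bytes, width: int = 8) -> set:
    """Set of all overlapping `width`-byte windows in the data."""
    return {data[i:i + width] for i in range(len(data) - width + 1)}

def similarity(a: bytes, b: bytes) -> float:
    """Jaccard overlap of the two window sets, from 0.0 to 1.0."""
    wa, wb = windows(a), windows(b)
    return len(wa & wb) / len(wa | wb) if wa and wb else 0.0

class Scanner:
    def __init__(self, threshold: float = 0.5):  # threshold is an assumption
        self.threshold = threshold
        self.exact = {}     # fingerprint -> signature name
        self.samples = {}   # signature name -> reference bytes

    def add_signature(self, name: str, sample: bytes) -> None:
        self.exact[exact_fingerprint(sample)] = name
        self.samples[name] = sample

    def scan_exact(self, data: bytes):
        """Return the signature name only on a byte-for-byte match."""
        return self.exact.get(exact_fingerprint(data))

    def scan_similar(self, data: bytes):
        """Return the first signature whose reference sample overlaps enough."""
        for name, sample in self.samples.items():
            if similarity(sample, data) >= self.threshold:
                return name
        return None

def build_scanner() -> Scanner:
    scanner = Scanner()
    scanner.add_signature("MacDefender", ORIGINAL)  # label taken from the article
    return scanner

if __name__ == "__main__":
    s = build_scanner()
    for label, data in (("original", ORIGINAL), ("variant", VARIANT), ("benign", BENIGN)):
        print(label, s.scan_exact(data), s.scan_similar(data))
```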
Mac will need to become more organized when dealing with the Scareware Gang or else they could lose loyal customers. Perhaps not announcing a new update, or educating the public about these viruses, would help them eradicate these annoyances.