
What's plagued Windows users for years has started targeting Mac users too...



richthelandlord
05-19-2011, 03:50 PM
Just what you always needed - fake antivirus software pushed by a bit of social engineering... and it has a sting in the tail. :(

It's basically an extortion racket - fills your machine full of porn-popups you'll be desperate to get rid of, then offers to remove them... for a fee.

Which of course then exposes your payment details to the same gang of criminals that nobbled you in the first place.

http://www.bbc.co.uk/news/technology-13453497

DaveM
05-19-2011, 04:25 PM
I continue to be amazed at how many things of this sort appear as paid links on legitimate download sites. Go to cnet or similar and try to download, say, AVG or one of the better-known free antivirus programs. On some sites, you may actually find it difficult to locate the legitimate download link among the other "offers", most of which will be some form of malware.

Must say I have been more or less happy with Microsoft Security Essentials, but I don't suppose they are likely to offer a Mac version any time soon.

richthelandlord
05-20-2011, 02:26 AM
I continue to be amazed at how many things of this sort appear as paid links on legitimate download sites. Go to cnet or similar and try to download, say, AVG or one of the better-known free antivirus programs. On some sites, you may actually find it difficult to locate the legitimate download link among the other "offers", most of which will be some form of malware.


The difficulty is that it isn't the site owners who decide on the ads - it's all done by agencies who might in turn sub-contract to others still, and if any one of those agencies isn't kosher... or is kosher but has had a server compromised - then bad things can be injected into the stream.
The first thing the site owner knows is when the complaints start, as it's possible to target adverts regionally so the site-owner never sees the bad ones... of course by then it's too late.
One thing we often see in such malicious scripts is they write to your 'hosts' file to block your attempt to get to antivirus sites, or the sites of security-specialists that might help you remove the infection.
In Windows, they'll often block the update server so I'd expect to see the same behaviour in other O/Ss too.

One way you can mitigate these 'drive-by' attacks in Windows is to make sure you're never logged into an account with 'admin' rights on your machine when you surf... your browser can 'usually' only make changes allowed within the account you're using.
If that 'surfing' account doesn't have install rights that'll stop most attacks stone dead.
Linux enforces this behaviour by default - that's one reason it's attacked less often.

Presumably it's possible to do the same thing in a Mac - create an account with limited rights and use it all the time, except when you intend to alter the system in some way.

Let's be careful out there...
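
The hosts-file tampering described in the post above can be checked for directly. The sketch below is an added example, not part of the original thread: it parses hosts-file text and flags any entry that overrides a security-vendor or update-server name. The watchlist domains and the sample file are constructed placeholders.

```python
import ipaddress

# Assumed watchlist (constructed placeholders): AV-vendor and update-server
# domains that a hosts file has no legitimate reason to override.
WATCHLIST = {"av-vendor.example", "update.os-vendor.example"}

# Constructed sample hosts file, not taken from a real infection.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       www.av-vendor.example av-vendor.example   # added by malware
0.0.0.0         Update.OS-Vendor.example
203.0.113.7     download.av-vendor.example
192.168.1.20    nas.home.example
not-an-ip       av-vendor.example
"""

def is_watched(host, watchlist):
    """True if host is a watched domain or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in watchlist)

def find_suspicious_entries(hosts_text, watchlist=WATCHLIST):
    """Return (line number, hostname, address, kind) for each watched override."""
    findings = []
    for lineno, raw in enumerate(hosts_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue                          # blank or incomplete line
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # malformed address, skipped here
        # One line may carry several hostnames for the same address.
        for host in fields[1:]:
            if is_watched(host, watchlist):
                sinkhole = addr.is_loopback or addr.is_unspecified
                kind = "blackholed" if sinkhole else "redirected"
                findings.append((lineno, host.lower(), str(addr), kind))
    return findings

if __name__ == "__main__":
    for finding in find_suspicious_entries(SAMPLE_HOSTS):
        print(finding)
```

To check a real machine, pass in the contents of `/etc/hosts` (Mac, Linux) or `C:\Windows\System32\drivers\etc\hosts` (Windows) with a watchlist of the vendors and update servers you actually rely on.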

paularoid
05-25-2011, 01:50 PM
http://www.securityweek.com/dont-panic-over-latest-mac-malware-story

Don't Panic Over the Latest Mac Malware Story


richthelandlord
05-25-2011, 03:04 PM
That blatant astroturf is going to cause a lot of people a lot of problems if they're foolish enough to believe it.

The whole Apple industry has a huge vested interest in promoting the myth they're invulnerable when they're not.

paularoid
05-25-2011, 05:19 PM
That blatant astroturf is going to cause a lot of people a lot of problems if they're foolish enough to believe it.
Excuse me but I'm not understanding of your term there. "Blatant astroturf" refers to what . . . the article in the link I provided . . . or other? :confused:


The whole Apple industry has a huge vested interest in promoting the myth they're invulnerable when they're not.
I can't speak to this personally because I don't now nor have I ever had any real experience with a Mac, but I -can- say that I've been up on a soapbox for a long time telling people that just because they've got a Mac (or other) does -not- let them off the hook. Here's something else I -just- ran into for Mac users:

http://lifehacker.com/5805609/how-to-protect-your-computer-from-mac-defender-and-macguard

How to Protect Your Computer from Mac Defender and Its Counterparts




----- came back to add this -----

http://www.avinashtech.com/apple/remove-macdefender-macprotector/

How to remove MacDefender, MacProtector or MacSecurity malware


paularoid
06-06-2011, 12:08 AM
Apple "Mac Defender" malware fix busted in 8 hours

From CNET (http://reviews.cnet.com/8301-13727_7-20067942-263.html): "Less than a day after Apple tackled the malware threats in OS X with an updated implementation of its malware detection technologies, the MacDefender malware developers have issued another variant that bypasses Apple's definitions to root out and remove the malware."


richthelandlord
06-06-2011, 01:40 AM
It's an arms race - it'll be like this all the while now, first the good guys in the ascendancy, then the bad ones, nip & tuck.

Welcome to the world Windows users have been enduring for a decade or more. :(

paularoid
06-06-2011, 01:09 PM
It's an arms race - it'll be like this all the while now, first the good guys in the ascendancy, then the bad ones, nip & tuck.

Welcome to the world Windows users have been enduring for a decade or more. :(

I can say it's definitely more.... FAR more. I remember way back when in . . . . . :rolleyes:

richthelandlord
06-06-2011, 03:53 PM
I can say it's definitely more.... FAR more. I remember way back when in . . . . . :rolleyes:

Back in the days when you spread a virus by forgetting to check your floppy-drive was empty before booting? :p

Back when mainframes were king, it was a lot less hassle... the rot started when individual users got machines, and PEBCAK was invented...

paularoid
06-06-2011, 04:35 PM
Back in the days when you spread a virus by forgetting to check your floppy-drive was empty before booting? :p

The first one I ever ran into that way was the "Stoned" virus which at that particular time was relatively benign.... but was soon modified into a much more malicious virus afterward. That was pre-windoze times. What it did was to infect your boot sector and then at random times during a DOS session it would pop up the message that "your PC is now stoned." Any time you put in a floppy it would infect that floppy so that you'd then pass it along to the next PC that you inserted that floppy into and -it- would become "Stoned".

richthelandlord
06-07-2011, 01:21 AM
The first one I ever ran into that way was the "Stoned" virus which at that particular time was relatively benign.... but was soon modified into a much more malicious virus afterward. That was pre-windoze times.

That takes me back a bit - I saw that in our research department, one of the field-service team brought it in on an Osborne...

Oh how quickly this has drifted to reminiscence - even nostalgia isn't what it used to be.

For those that came to computing later, this will be an education - for those who remember the days, it'll be a fun trip down memory lane...

Welcome to a bit of digital archaeology!

http://telehack.com/telehack.html