BBC News - Fake security software catches out Apple owners

(I wasn't sure where to post this so please move if it's in the wrong place)

Source

A fake security program for Apple computers called MACDefender has racked up a significant number of victims. Hundreds of people who installed the software have turned to Apple's forums for help to remove it. The program's tactic of peppering screens with pornographic pictures has made many keen to get rid of it. MACDefender seems to have been successful because of the work its creators did to make it appear high up in search results. The number of people seeking help was uncovered by ZDNet journalist Ed Bott. In a blog post, he wrote about finding more than 200 separate discussions on Apple's official forums about MACDefender. The volume of reports about the problem was "exceptional" in his experience, he said.

I personally find this a little amusing (not the software infection part, that's horrible) mainly because I hope it brings down some Mac users a peg or two. (I'm not tarring everyone with the same brush by the way.)

I work in the IT industry and generally see Windows machines nine times out of ten and a lot of what I see is scareware like the above mentioned. Now, what I also come across are enthusiastic Mac users who are under the impression that they can never ever get infected and how their machines are so wonderful and awesome and ohmigosh isn't Steve Jobs just the bestest in the world ... And then something like this happens and they just aren't prepared and have no protection. Heck, even Linux users (well I do anyway) scan files before transfering to another machine so as not to act as a carrier for malware.

Now, don't get me wrong, I don't hate Macs, I've used one in the past and they're not bad once you get the hang of them. If you've grown up using one then that's great, use what you're comfortable with but don't grow complacent and assume that Macs never get infected, when they clearly can and do.

Did you ever wonder why Windows gets the majority of infections and scareware?

One word: Profit

According to this Windows accounts for something like 85% of the OS market with Mac at around 5%.

Which do you think would make more money? It's a no brainer really for those manufacturing the scareware. If everyone used Macs, that would be the most targeted.

TLDR: Protect your system from infections no matter how secure you assume your system to be and always be careful about what you download onto your computer.

- Phoenix

Security through obscurity is a seriously stupid line of thought and now Apple (and their users) are going to pay for that kind of thinking. What bothers me the most about this whole thing is how instead of fixing the infected machines Apple reps are being told to not even confirm or deny if a users machine is infected and instead shuffle them off to buy AV software from Apple.

ZDNet also talks about how Apple is handling the situation.

reply to post by Helig

Important:
Do not confirm or deny that any such software has been installed.
Do not attempt to remove or uninstall any malware software.
Do not send any escalations or contact Tier 2 for support about removing the software, or provide impact data. Do not refer customers to the Apple Retail Store. The ARS does not provide any additional support for malware.

Just ... wow ... but then I expected this sort of reaction from Apple. I remember them essentially blaming user error for one of the iphone releases to do with the signal going down when you held it. Their response was "use it in your other hand" ... The mind boggles.

- Phoenix

The irony is, I guess that people 'Installed' MAC defender.... just in case there might be a problem...

In doing so then they installed software which was corrupt when actually, if they hadn't then things would be OK...

Having used Windows all my life I now use an i-MAC i5 at home and have a new MacAIR on my travels........... so far...brilliant , quick, easy to use and not all the issues associated with windows machines.......

For reference I have a paid for program which deletes unnecessary files and dubious stuff and touch wood it's all been ok so far.........

I would NEVER go back to using Windows...sorry..

PDUK

reply to post by PurpleDog UK


Some people are just "click happy" no matter what OS they use to be honest "ooo it's a popup, I'll just click yes so it goes away and stops annoying me". Following this, what's to stop similar scareware being released targeting the Mac market, especially now they can see that Apple will do nothing.

Don't apologise for switching from Windows, it's your choice and if you find it better suits your needs then awesome. At the end of the day, no OS is perfect for everything. I personally use both Windows and Linux about 50/50. They're tools that do a job, they don't have to look pretty or chic. The same components are used in both Macs and PC machines anyway.

People should just never assume that they are beyond infection, stay vigilant

- Phoenix

Haha, well said. Mac users are not safe, esp., now days. You think these hackers, don't know about Mac and alternative OS, think again. The fake security software attacks seem more common than thought, at least with people's computers I looked at after an attack...'you clicked on what?!' From what they replied, it wasn't even an intentional install, it was from a re direct link, etc.
I like an use Macs for Graphic Design, enjoy linux...Ubuntu... etc. Not a huge fan of Windows.

reply to post by dreamingawake


Yeah, the vast majority of infected machines that I see are either infected via torrenting or dodgy facebook application links.

Unfortunately some of the time you don't even need to click, like when this and this happened recently.

- Phoenix

The worst thing regarding this malware is that they used a name for it that was already in use for years by two other companies/persons. There are two real (and totaly unrelated) websites macdefender.com and macdefender.org that are now spammed with hundreds of complains/threats.

So the users who installed this obvious malware are even not intelligent enough to note that they make things worse if they send complains to the wrong ppl. The website macdefender.org already has removed all the english content due to all the attacks. So it's not just a harmless malware in the wild but those users who installed it (providing their password) also managed to let those ppl drop support for their software just to get out of the line.

reply to post by UnixFE


That was more than likely the creators intent to be honest so people would go "Oh, it appears to be genuine, I'll just put in my credit card details ... "

- Phoenix

Many of us on windows know all about the fake security software attacks (antivirus 2010 antivirus 2011 ECT ECT)and know how to stop them.(unplug your modem and kill the program then plug back in)
www.2-viruses.com...

Most hardcore MAC users have never seen these for Macs so they don't understand or know what to do.
So they buy into the scam to clean there computers.

Source

In short, if someone comes into your shop with a malware infected iMac stick your fingers in your ear and go la la la. If possible point behind the customer and go "oh look there is a badger with a handgun" and when they are distracted take an emergency coffee break. Apple has not officially acknowledged that the Mac Defender malware exists. In fact many of its users insist that it is official software which just needs an update to stop it serving up porn in pop-ups.

Oh wow

- Phoenix

I have no problem with Appleheads..
.. so long as they are inches from my bumper, back turned as i plow into them at 200kmphs.

Nope, they are coool joes.


Windows will never be beaten, its the mantle of the technogical world.

It got in first, it got in hard and it dominated long enough, its now to big to fail, or 'uninstall'

Apples good for those 'non-tech' types, the ones who want a cool gadget, a fad.

A good operating desktop is a powerful machine when you can use it to its potential.

Apple has its place, media, graphics, school kids... but I'll always use a PC to do what a PC Should do.. and an apple to keep me entertained on the train trip home.


'' foot note, i own a xoom.. I dont own a mobile phone, I dont have a facebook account and I dont own a PC/laptop. but I work in IT purely on windows servers '''

reply to post by Agit8dChop


Each has its own place. We use a mix of linux and windows at work plus one of my bosses uses a Mac too, so we have most bases covered



In case anyone reading needs/has friends that need to know:

How to remove MAC Defender Scareware

- Phoenix

Whilst the companies who produce OS's should take every measure to ensure their product is as secure as possible I do feel that schools, at least those in the UK, fail at teaching some basic good practice leasons on the potential hazards of using a computer attached to the internet. This would go a long way to help protect users, though of course, people still click things.

reply to post by Plesioplankton


Indeed. There should be more public awareness, maybe something like a computer M.O.T?

And yes, people will always clickyclicky things

- Phoenix

I think I tried to download this software, I remember it looked pretty official and had a good looking website and seemed legit. I cant find the software on my Mac so either I thought better and didnt download it or its hiding somewhere on my mac because I cant find any files on my computer associated with Mac Defender. The only problems Ive had since moving to a Mac is my hotmail account being used to spam my mail book with viagra adds. Dont know if that would have anything to do with it.

Apart from that my Mac has caused zero problems compared to my windows machines that seemed to be far less stable than the mac OS.

Originally posted by phoenix_zephyr
reply to post by Agit8dChop

 

Each has its own place. We use a mix of linux and windows at work plus one of my bosses uses a Mac too, so we have most bases covered

 

In case anyone reading needs/has friends that need to know:

How to remove MAC Defender Scareware

- Phoenix

edit on 20/5/2011 by phoenix_zephyr because: To add. Shalalalala.

OK after reading that I dont think I can of downloaded it.

Originally posted by woodwardjnr
The only problems Ive had since moving to a Mac is my hotmail account being used to spam my mail book with viagra adds. Dont know if that would have anything to do with it.

You've likely been caught out in a phishing scam then ie an email pretending to be from someone but it's not or a link from someone on msn that was compromised.

Have you changed your password since? Make sure it's a strong password - Password Guidelines

- Phoenix

reply to post by woodwardjnr


NO, this piece of scareware has NO WEBSITE. Those webpages are official webpages and unrelated to this stuff. If someone writes a virus named AmaZon would you believe that amazon.com is the website for this virus? Those 2 websites exists for years and this new scareware just used to have the same name. Those behind this stuff (in the meantime linked to someone in Russia) released the PC Defender a few years ago and now just named their new software MAC Defender.

There is no website for this 'company' or scareware. And of cause you can't contact those behind it as they obviously don't want to be reached by anyone (as otherwise the police would knock on their door pretty fast).

reply to post by phoenix_zephyr


Yeah i have changed my password now, it's......., Yeah was quite embarrassing having viagra adds being sent to everyone I know.