Mac fake anti-virus attack adopts new disguise

Mac Security fake anti-virusNew versions of the latest malware to hit Mac OS X users have come to light, following the discovery earlier this week of fake anti-virus attacks being spread by SEO poisoning.

Fake anti-virus (also known as scareware or rogueware) is commonly seen on Windows computers, of course, but until now has been rarely encountered on the Apple Mac platform.

The new variants, seen by SophosLabs, are calling themselves “Mac Security” rather than their previous disguise of pretending to be “MacDefender” (which, incidentally, is the name of a genuine security product for the Mac – adding to the confusion).


Mac Security fake anti-virus. Click for a larger version

Sign up to our free newsletter.
Security news, advice, and tips.

When I ran the fake anti-virus on a test machine it claimed that a number of innocent files, including Mozilla Firefox, were infected by viruses and told me I would have to register the program in order to cleanup the “infections”.


The fake anti-virus tells you that you need to pay money to get a version which cleans-up malware. Click for a larger version

It’s precisely these kinds of scare tactics which are regularly used by Windows-based fake anti-virus attacks to hoodwink innocent users into handing over their credit card details. Clearly whoever is responsible for this latest spate of attacks believes that there are rich pickings to be made from Mac users too.

Sophos detects the latest variants as OSX/FakeAV-DOE, and as we continue to encounter more waves of this attack we will enhance our detection to protect Mac users.

If you’re not a Sophos customer, but have a Mac at home, you can protect your Mac right now if you download our free anti-virus. It’s automatically updated to protect against the latest threats.

DownloadFree Anti-Virus for Mac
Download Sophos Anti-Virus for Mac Home Edition

<advert>
Oh, and did I mention that our free Mac anti-virus product recently won a rather prestigious award? ;-)
</advert>


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.