Mac fake anti-virus attack gets dirty to ensnare victims

The latest variants of the new Mac malware we have been tracking has an interesting payload that many people may not have realised yet.

It’s well documented that the fake anti-virus attacks attempt to trick you into believing that you have security problems on your Mac, and that you need to hand over your credit card details to buy a version which will clean-up your computer.

However, when we left an infected Mac running for a while unattended earlier today in our labs, we found that it would periodically open instances of the web browser and point them to various websites.

As you can see, the website isn’t necessarily the kind that you might want regularly popping up on your screen – especially if you don’t have an understanding wife or boss.

A quick look inside the code of the attacks, which Sophos is detecting as…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an email.