First "Rogue" application (malware) for Mac: MacSweeper

[symphonix]

It looks like the first real bit of "rogue" software for the Mac has turned up, in the form of an app called MacSweeper. This is not exactly a virus; it can't be transmitted as such but instead tries to trick people into downloading and installing it, and once in it gives false reports in order to trick the user into buying the "full product" (aka kiss your money goodbye).

I'd say this is a timely reminder for all Mac users to only install software that you can trust and to remember that not everything you read on a webpage is true.

While I for one am not going to be worried about this one, a fair amount of work has gone into making both the application and the website fairly convincing to the novice user.

Here's F-Secure's report on it:
http://www.f-secure.com/weblog/archives/00001362.html

There are some interesting quotes in there:

Quote:

Even more telling that it's a scam is the fact that when you visit the MacSweeper website with a PC and click on "Scan", it will tell you that you have security vulnerabilities in folders that only exist on Mac like system_root/home. Fake? Oh yeah…

Quote:

Looking more at their website we found that they have copied the text describing the company directly from Symantec and just changed the name.

Quote:

"I visited the macsweeper.com website.
I know I probably shouldn't have but I used a Windows PC so I knew I wouldn't get infected."

Now that's something you don't hear everyday!

[michaelsanford]

Social as opposed to software engineering.

[symphonix]

Yes, thats a good way to explain it. There's a patch for it though:

End User Education
A vulnerability has been discovered in the human being whereby they may be encouraged to divulge secure information or grant high level access if presented with a specially crafted request, such as:

"Hi, I'm Bob and I work in IT here. Can you tell me your username and password?"

This update is recommended for all users of computers who genuinely believe they are the millionth visitor to greatsmilies.com and really have won $50,000 for punching a monkey.

----

Seriously, Apple should have done away with this vulnerability years ago by removing the screen, keyboard and mouse from their designs.