More is coming. Read the article in link below. According to it, Linux OSes and other browsers may soon be facing the same.Apple Macs Targetted By Crimeware Toolkit::Brought to you by TechWeb
May 03, 2011 (10:05 AM EDT) Apple Macs Targetted By Crimeware Toolkit..............Malware aimed at Macs has unexpectedly spiked in the early days of May. For starters, security experts are warning that the first-ever automated do-it-yourself crimeware kit that targets Apple OS X computers is now for sale on underground forums. ...............
..............Based on videos obtained by CSIS, Kruse said that the toolkit appears to be fully operational. "In the same way as several other DIY crimeware kits designed for PCs, this tool consists of a builder, an admin panel, and supports encryption," he said. "The Weyland-Yutani BOT supports Web injects and form grabbing in Firefox; however both Chrome and Safari will soon follow. The webinjects templates are identical to the ones used in Zeus and [SpyEye]." ................
.......Interestingly, on Tuesday, security software vendor Intego issued another Apple-related security warning, in this case for "MACDefender," which is new fake antivirus
software that targets Apple users. Also known as fake AV or scareware, such software pretends to be legitimate antivirus software, but in fact is fake software designed to con users into paying for it. Like much scareware, MACDefender spreads via poisoned search engine results, including searches relating to the death of Osama bin Laden. According to a post
to the SANS Internet Storm Center from Rob VandenBrink, a senior consulting engineer at Canadian consulting company Metafore, some users are reporting that the software demands $99 upon installation, payable immediately via PayPal.
According to Intego's security advisory
, the risk posed by MACDefender is relatively low, and while the scareware is circulating in the wild, it's doing so in relatively small quantities.
That said, the software does a good job of disguising itself as the real deal. Furthermore, the malware can also make a major nuisance of itself. "MACDefender also opens Web pages for pornographic websites in the user's Web browser every few minutes. This is most likely to make users think that they are infected by a virus, and that paying for MACDefender will relieve them of the problem," said Intego.
While the software is relatively harmless, it's interesting because to date no scareware creators have bothered to target Apple OS X computers. "In the past, these types of sites--very common vectors of Windows malware--only delivered Windows .exe applications," said Intego. "The fact that such a site is providing a Mac rogue antivirus is new, and extremely rare. While the site itself still shows a fake Windows screen, the rogue antivirus itself is a well-designed Mac application."..................