Mac OS X Scareware trojan ‘MacSweep from Imunizator’ tries to scam Mac users

SophosLabs has “advised the Apple Macintosh community not to panic following the discovery of another Trojan horse Mac OS X platform,” according to a Sophos press release.

MacDailyNews Take: Okay, we’ll just continue sitting here fighting the completely nonexistent urge to run screaming through the halls of the palatial MDN headquarters.

Sophos continues, “Instead, Apple Mac lovers are advised to ensure that they continue to take personal computer security seriously and have a secure defense in place.”

MacDailyNews Take: You mean don’t fall for a dumbass Trojan? Relax, we’re Mac users, dudes. And, we do take personal computer security seriously, that’s one of the reasons we have Macs. As always, do not download, authorize, and install software from unknown, untrusted Websites or any other sources.

Sophos continues, “The Trojan, named Troj/MacSwp-B (also known as Imunizator), tries to scare Mac users into purchasing unnecessary software by claiming that privacy issues have been discovered on the computer.”

Sophos press release reads, “‘Windows users are no stranger to scareware like this, but it is rarer on the Apple Macintosh. Nevertheless MacSwp-B’s discovery does follow fast on the heels of other malware that has been identified on the Mac OS X platform in recent months,’ said Graham Cluley, senior technology consultant for Sophos. ‘Cybercrime against Mac users may be small in comparison to Windows attacks, but it is growing. Apple Macintosh users need to learn from the mistakes made by their Windows cousins in the past and ensure that they have defenses in place, are up-to-date with patches and exercise caution about what they run on their computer.'”

MacDailyNews Take: Interesting. A press release about scareware that tries to scare Mac users into purchasing unnecessary software from a “security software” peddler attempting to scare Mac users into purchasing unnecessary software.

We’re turning off our Mac OS X firewalls for the entire weekend in honor of the duplicity. Oh, wait, they’re already off. They’ve been off for months. We never turned them back on the last time we switched them off to honor an AV peddler and, guess what, we’ve continued to surf the Web unimpeded just as we’ve done for the past 7+ years because we do not download, authorize, and install software from unknown, untrusted Websites or any other sources.

Here’s the deal: This “MacSweeper” from “IMUNIZATOR” claims to scan Universal “Binnaries.” That misspelling ought to be enough right there, but just to make sure:
Ignore this trojan and do not click “Start Scan” (or any of the other buttons), close and/or force quit the window. When run, regardless of the state of your Mac, Troj/MacSwp-B fraudulently claims that it has found several privacy violations. Users are then prompted to purchase this worthless trojan in order to “clean up” their system. Do not purchase the Trojan. Do not eat iPod shuffle.

36 Comments

  1. We’re turning off our Mac OS X firewalls for the entire weekend in honor of the duplicity. Oh, wait, they’re already off. They’ve been off for months.

    Very foolish, MDN. Unless of course you’re running hardware firewalls…

    You sound like the small-town proud resident, who never locks their doors and leaves the keys in the car, just because the neighborhood “has always been safe”.

    Your confidence in OS X’s security is commendable, but there are some basic security steps one has to take regardless of platform.

  2. What are the odds that Cookies, Caches, Universal Binnaries, etc. are all 2313.5MB? With that kind of coincidence karma, the owner of that computer needs to buy lottery tickets now!

    In all seriousness, what website can I go to in order to try the Imunizator? I wouldn’t mind trying this on my test machine.

  3. Is it me, or does MDN always take on the tone of Mac Fanboys that deride anything that hints at OS X insecurity and spins real examples of security flaws (the recent Safari exploit that netted a free MacBook Air) into “good job, we’ll be safer now that the flaw is found?”

    “Relax, we’re Mac users, dudes. And, we do take personal computer security seriously, that’s one of the reasons we have Macs. As always, do not download, authorize, and install software from unknown, untrusted Websites or any other sources.” Wow, way to fuel the Mac-snobbery fire.

  4. But the designers did such a nice job with the GUI. It’s not your standard “Interface Builder” junk. They made custom, shiny buttons, and a nice gradient. What’s more, they employed the security framework (ie, the padlock), which is not a trivial thing to program. You’d think with the amount of time these guys spent on coding this software, they could put their skills into something beneficial.

  5. “You’d think with the amount of time these guys spent on coding this software, they could put their skills into something beneficial.”

    Or at least put a little more thought into the glaring flaws.

  6. how a firewall offers ANY protection?

    Firewalls block traffic, except to services being used. How does that help? If I turn on file sharing, traffic on file sharing ports is not blocked. If I turn off file sharing, traffic is blocked, but it wouldn’t get through anyway, because file sharing is off!!!

    Firewalls are placebos. AV software are band-aids designed to cover open wounds (known vulnerabilities). Neither is a real defense.

  7. Turning your firewall off is pure folly.

    You’ve got the security tools at hand. Use them.

    As for the folly of running anti-virus, I am in agreement there.

    However, I will admit to running a ClamXAV scan about twice a year, just to prevent passing a Windows virus along to the unfortunate.

  8. What then, does the firewall do for you?

    If you don’t have any services turned on, what is the firewall protecting? Then again, if you do have a service turned on, what is the firewall protecting?

  9. Smug Mac veterans who are fairly savvy, feel free to mock this. But there are a lot of new Mac users who are former Windows users who’ve moved over to avoid spyware/viruses that used to plague them. WHY did it plague them? Because they engaged in behavior that put it on their PCs. Now they are using Macs, and guess what? They think they don’t have to worry because . . . they are using Macs. So, their bad behavior will continue on the Mac side of the fence, and the makers of malware know it. These little scareware programs are just the beginning. As the Mac installed base swells with disaffected Windows users, it will get worse. A lot worse.

  10. > These little scareware programs are just the beginning. As the Mac installed base swells with disaffected Windows users, it will get worse. A lot worse.

    Nonsense. The difference is that if a hacker compromises a Windows PC, they can do a lot of things like make it a spambot to spread the compromise to other Windows PCs. They can do a lot of things that are worth their time and effort.

    If you compromise a Mac, you gain access to the user’s account, if anything. So much work for so little gain. It’s not worth the effort for the hacker. That’s why malware has not become epidemic on Mac OS X so far. That’s why it will continue to be highly publicized nonsense, the few times they appear.

  11. Sophos isn’t kidding! I went to the Imunizator website and attempted to see if VirusBarrier could detect this in real time before it’s actually installed on my Mac and it detected this as “OSX.AngeloScan” and I placed this malware in quarantine.

    Actually we have to stop being arrogant as Mac users and thinking a person is “stupid” for downloading this. It does not appear to be malware and the screen shot of this trojan looks very nice, like a legitimate app for OS X. A new user of OS X could very well fall for this one.

    This is the second trojan in recent months that I know of that has been released for OS X. The first one was more malicious which prompted me to get VirusBarrier.

    It’s been said for years that Macs will eventually be targets. With a market share that seems to grow daily, Macs will soon have a double digit market share, making them very lucrative for malware writers and hackers, especially considering that Mac users tend to be in higher income brackets.

    I’m also running Intego’s NetBarrier Firewall which is far more secure and robust than the built in OS X firewall. Maybe this isn’t necessary to some of you right now but it will. I recently came from the Windows world, so I know first hand just how clever and sophisticated hackers can be if they set their minds to target something. As has been said many times, “It’s better to have and not need than to need and not have.”

  12. How do I get rid of this iMunizator? The only way to get it off the screen was to click continue unprotected. I am a new Mac user and if you could refrain from the sarcastic #*@#* with a helpful answer that would be appreciated.

  13. Sophos continues, “Instead, Apple Mac lovers are advised . . .”

    Because we’re all lovers? There’s some implied condescension in that statement just like calling Mac users, cultists or fanatics.
    At least they didn’t call it MAC.

    To mark Melancon: Try force quitting: Press command (Apple Key)+option+esc at the same time. Then, click Force Quit in the window that pops up.