Mac OS X Trojan horse aims to make money from Macintosh users

March 28, 2008 Sophos Press Release

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have advised the Apple Macintosh community not to panic following the discovery of another Trojan horse for the Mac OS X platform. Instead, Apple Mac lovers are advised to ensure that they continue to take personal computer security seriously and have a secure defense in place.

The Trojan, named Troj/MacSwp-B (also known as Imunizator), tries to scare Mac users into purchasing unnecessary software by claiming that privacy issues have been discovered on the computer.

Imunizator makes bogus claims about Apple Mac's privacy in an attempt to fool users into purchasing software.

"Windows users are no stranger to scareware like this, but it is rarer on the Apple Macintosh. Nevertheless MacSwp-B's discovery does follow fast on the heels of other malware that has been identitifed on the Mac OS X platform in recent months," said Graham Cluley, senior technology consultant for Sophos. "Cybercrime against Mac users may be small in comparison to Windows attacks, but it is growing. Apple Macintosh users need to learn from the mistakes made by their Windows cousins in the past and ensure that they have defenses in place, are up-to-date with patches and exercise caution about what they run on their computer."

Sophos experts note that the new Trojan horse is closely related to another piece of Mac scareware, MacSweeper, which was being deployed in an attack via online adverts on British TV websites last month.

"It's not unusual to see hackers repackage their malware in a variety of disguises to try and sneak it past anti-virus software," explained Cluley.

Earlier this week, Sophos reported that a man has been accused of breaking anti-spyware laws by allegedly scaring people into purchasing bogus Windows security software. Criminal attacks against Mac users, although much rarer, have become more motivated by money since late 2007.

In January Sophos published its annual Security Threat Report, which described how financially motivated hackers had targeted Apple Mac computers with malware for the first time.