A huge SEO poisoning assault has hit Google, targeting Windows and Mac users alike. From quite inoffensive terms connected to global warming, to hot topics like Osama bin Laden’s death, users are being hit with false anti-virus programs, this time delivering payloads to users of Apple’s Mac OS X.
Some of the downloads are a wrap up installer that installs the fake software; others simply a contain ready-to-run Mac application. In a similar social engineering trick as we have seen in Windows fake scanners it pretends to be a legitimate Mac anti-virus program called Mac Defender. The scanner doesn’t actually stroke the hard disk while “scanning”, though on a Mac it can be firm to know without a hard disk light.
It pretend to find some very significant things that may have been compromised, such as the fatal application and the normal Unix utility test, also known to Unix shell programmers as [.It use a lot of social engineering counting redirecting your browser to quite offensive porn sites, although it does not come into view they are doing this to make money, simply to imply that you are infected.
It also uses scare strategy like your credit card data being at risk. The realism is that your credit card is only at risk if you actually try to buy the fake software. Sophos customers using the Sophos Web Security Appliance and Sophos Live protection are protected against these threats. Mac users with Sophos Anti-Virus for Mac are protected by the identities OSX/FakeAVZp-B and OSX/Fake-DMP. Windows users are protected against the Windows version known as Mal/FakeAV-FS.