Slashdot Mirror


First Scareware For the Mac

I Don't Believe in Imaginary Property sends us news from F-Secure of what they claim is the first rogue cleaning tool for the Mac. MacSweeper is a Mac version of Cleanator, hosted from a colo somewhere in the Ukraine. The article points out that the company's About page is lifted verbatim from Symantec's site. With the Mac's market share closing in on double digits, perhaps it's not surprising to see the platform targeted with crapware as PCs have been for years. The F-Secure author adds as a footnote that a journalist said to him something you don't hear every day: "I visited the macsweeper.com website. I know I probably shouldn't have but I used a Windows PC so I knew I wouldn't get infected."


  1. Isn't any "cleaning tool" rogue on a mac? by Anonymous Coward · · Score: 5, Interesting

    The category of "cleaning tools" was rather dodgy even before the trojaned ones started showing up. The notion that getting infected by god knows what, running a little wizard, and being all ok again is insane. Both the notion that one can reliably detect malware that has already had time to romp with your system and the idea that infection is so routine that there should be tools to be run every few days for it are pretty gross.

    And now we have an example of this fine species showing up on a platform that doesn't really have malware. How could anybody trust a cleaner for a platform that doesn't, as yet, need cleaning?

    1. Re:Isn't any "cleaning tool" rogue on a mac? by Anonymous Coward · · Score: 2, Interesting

      The category of "cleaning tools" was rather dodgy even before the trojaned ones started showing up. The notion that getting infected by god knows what, running a little wizard, and being all ok again is insane.


      Well, the notion that Snake Oil sold by a carnie could cure you of Quinsy and Polio and whatever else people back then suffered from is pretty crazy too, but people bought it in droves. Heck a few years ago I remember being in a health food store and seeing a large jar of shark cartilage pills next to a book called "Sharks Don't Get Cancer." Miracle cures are nothing new and there will always be plenty of suckers to fall for them.

      And now we have an example of this fine species showing up on a platform that doesn't really have malware. How could anybody trust a cleaner for a platform that doesn't, as yet, need cleaning?

      I dunno, I'd say some recent switchers from Windows to Mac ("average" users, not the Slashdot know it all types) might feel a little naked without their antiviruses and all that. It's almost understandable, seeing as they've had years of conditioning that everything they do invites trojans and viruses. Kind of like how a New Yorker who moves to the suburbs is amazed he doesn't have to lock his car doors.

  2. I just checked with linux by Nikademus · · Score: 2, Interesting

    I just checked this using a PC with Linux and clicking the "free scan" prompted me to download a .dmg program. I somehow doubt the dmg could have been executed on a PC...

    Either they changed their website, or the article lies on some points.

    --
    I gave up with the idea of an useful sig...
  3. Re:Yeah and moon is made from.. by necro2607 · · Score: 2, Interesting

    No kidding, I couldn't guess how many times I've written on Slashdot about how people used to upload trojan-horse programs to my server all the time and try to get me to run them. You know, malicious AppleScripts with a different application icon so it looks like something legit like a text doc or whatever. Except these days, Mac OS is designed with way more attention to these kinds of possible "hacks", fortunately.

  4. Re:the shit hits the fan! by Mordaximus · · Score: 2, Interesting

    Exactly! There are too many Mac users all smug with the notion that their OS is super secure. Which is true, the system is secure - but the user is not. The first time they ignorantly run a malicious app that cleans out the contents of their home they'll likely learn the distinction though.

    Personally I've never fretted over having to reinstall an OS. I typically clean install with every major release. What I dread is losing my data.

  5. Why Linux and Mac OS will be safe by Anonymous Coward · · Score: 2, Interesting

    Linux and Mac OS will never get the malware trouble Windows does for a good reason - the communities behind them.

    Windows has such a large userbase, there are many shady-looking shareware apps that work just fine and do what they're supposed to. The problem is that Windows has developed a culture of suckiness such that users can't readily tell the difference between a legitimate vendor and illegitimate software. I had a webcam where I had to obtain the driver on a website that looked ripe for hosting malware. There's also the issue of having everything ActiveX enabled and scripting-friendly that essentially lets malware distribute itself.

    On both Linux and Mac, there is no ActiveX equivalent vulnerability, so the malware authors are going to have to work through the community.

    On Linux, repositories are peer-reviewed and open code is generally preferred over closed-source solutions. Since software is under review all the time, there's no place for malware to hide and it is quickly detected and shunned by the Linux community.

    On Mac, if an app is low quality, people generally gravitate away from that app and towards the better solutions. And the malware authors generally don't create a front that is believable. If you look at a lot of Mac dev sites, you will see that a lot invest a lot in fit, finish, and glitz. If the authors of Mac malware want to get anywhere, they'll have to find a way to auto-propagate malware - that or break into the Mac community - through recommendations by respected Macheads and investing effort into making their software appear usable. And by that time they've spent likely more effort than they're willing when there's the giant Windows bullseye just waiting to be shot at.

    If you go to the macsweeper.com website, you'll find they lifted Apple's home page and modified it to make it ugly. If a Mac dev can't even create their own good-looking website, why would I trust them with software on my computer?

  6. Re:Oh no! by webmaster404 · · Score: 4, Interesting

    No, it has a couple of advantages.

    1. Privileges, an ordinary user can't mess up the entire system. Unless the user is *really* stupid, they are not root and therefore do not have Write privileges on system-critical files. So even if you ran "rm -rf /" as a normal user, you would only lose the files you had access to and not break the system.

    2. Most software is installed through a repository. Now, I realize that Mac does not by default (although there are projects to port apt-get and the like to it) but most distros of Linux have a way of installing via the repository.

    3. Most first-party OS-X software is at least partly open-source including the key components of the OS such as the Kernel, Browser rendering engine, and some of the other utilities. This adds a layer of protection to prevent programming errors from not being noticed as anyone can look at the code and submit fixes to it. In addition, this adds security by having parts of Safari being looked at to prevent such flaws as drive-by-downloads which were a major problem of IE and a reason many Windows users got infected by malware.

    While it is true that if someone really wanted to mess up OS-X or were just plain stupid they could. However, the chances of Unix breaking from normal usage are far far smaller than those of Windows.

    --
    There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
  7. Re:Oh no! by Architect_sasyr · · Score: 3, Interesting

    While it is true that if someone really wanted to mess up OS-X or were just plain stupid they could. However, the chances of Unix breaking from normal usage are far far smaller than those of Windows.

    You need to meet some of my designers. I spend more time rebuilding OS X machines and correcting privileges than I do with the windows users... incidentally this never happened on the OS 9 installs, so the additional power that having a Unix system around can give is actually what is causing me and my users the most grief here.

    Your comments on OS code, whilst quite valid, are actually rather incorrect. Something that a lot of people seem to fail to remember with open source code is that the code IS available IF you wish to look at it. Personally I've never gone near the Kernel code, so I wouldn't have a clue if it is secure or not (perfect example of this: Firefox).

    My $0.02 AU, Ignore at will.
    --
    Me failed English...
    FreeBSD over Linux. If my comments seem odd, this may explain...
  8. Hi i'm MacSweeper Developer, listen to me by MacSweeper · · Score: 5, Interesting

    I would like to explain all the situation, about MacSweeper. We are really trying to make a good software, and you won't find any viruses/spyware/trojans/malware in MacSweeper (test it yourself, if you don't believe me, you can use any type of firewalls, disassemblers, or other tools). The problem is that we are using selling partners that force us to use this marketing type. We would like to leave them, we don't want to completely destroy Good Name of MacSweeper application.
    Personally I adore Mac Platform, and it hurts to hear that the program you wrote is said to be some kind of "Rogue application", I wouldn't like to destroy good manners of software written for it :((
    I would like to say sorry for all inconveniences that we could bring to you, but believe MacSweeper is meant to be a useful application.

    You can ask Questions, and I will try to answer them! Thank You!

  9. Re:the shit hits the fan! by MacSweeper · · Score: 2, Interesting

    Actually there are known methods to do so. We are working for a long time in security sphere, and can ensure you that everything is vulnerable. But to keep Mac platform safe, we won't discuss it here. MacSweeper doesn't use any of the vulnerabilities, it is made to be Simple and powerful System Cleaner, and helps to warn people to be more careful. There are known security holes with cookies, so MacSweeper has its own database of dangerous websites and cookies. It secures unwanted cookies, the same way MacScan does. And I repeat, we love Apple and all their great products and we want to keep them clean and secure!

  10. Re:Hi i'm MacSweeper Developer by MacSweeper · · Score: 2, Interesting

    Thanks! Finally there is a man who can think wise :) TODO list, yeh, that's some minor mess up, but it really shows what we are doing and what we are about to do in our application. At the moment we are rapidly working on new, most wanted features like Dead Applications files removal. It should work something like AppZapper, but users won't need to drop every application into some area, it will work even when you removed any application. Just finds and cleans, it's that simple!

  11. Re:Hi i'm MacSweeper Developer by MacSweeper · · Score: 2, Interesting

    Little Snitch default location is not /Applications or ~/Applications, it's stored in /Library/Little Snitch/ which is not a standard location for the applications, that's why it is in our TODO list, because we don't want it to be removed, if there are some other applications out there, which are not using standard locations, we will add them to list.