Scareware Signed With Apple Cert Targets OS X Machines (threatpost.com)
msm1267 writes: A unique scareware campaign targeting Mac OS X machines has been discovered, and it's likely the developer behind the malware has been at it a while since the installer that drops the scareware is signed with a legitimate Apple developer certificate.
"Sadly, this particular developer certificate (assigned to a Maksim Noskov) has been used for probably two years in similar attacks," said Johannes Ullrich, dean of research of the SANS Institute's Internet Storm Center, which on Thursday publicly disclosed the campaign. "So far, it apparently hasn't been revoked by Apple."
Turns out that it does install an updated version of Flash. Now that is scareware.
Holy shit, couldn't they just irreversibly encrypt all my files and delete the backups? I'd take that over a Flash infection any day.
Just cruising through this digital world at 33 1/3 rpm...