Monday, August 8, 2011

RAID on the Russian company may have the malware MacDefender

MacDefender was the largest malware attack on the Mac for years, if ever. The threats began in may, infecting Mac users much less-savvy and became fairly common that Apple is forced to release a security patch special anti-malware. The software should be downloaded when users have visited certain Web sites and, once installed, seemed to be a legitimate antiviru software. Unsuspecting users would receive warnings of viruses infecting the system. By entering their credit card number, users could pay for viruses "delete".

Except that it was all false. There is no virus, just a piece of software to try to deceive users handing over their credit card numbers.

The developer behind MacDefender has continued to publish new variants of malware into the wild, resulting in a game of cat as Apple continued to prohibit the new variants of the software.

Then, one day, MacDefender simply disappeared. Richard Gaywood at TUAW pointed out that Apple had not been to update its definitions of malware - the code designed to kill MacDefender - since June 18.

Brian Krebs may have the answer: June 23, the Russian police arrested Pavel Vrublevsky, co-founder of payment online Russian labels giant and a major player on the fake AV market.


In may, I wrote on the evidence showing that the employee labels had offensive push MacDefender - fake software AV targeting Mac users. Later labels issued a statement denying that he had any involvement in the plague of the MacDefender.

But last week, Russian cops who raided the offices of Moscow labels found otherwise. According to a source who participated in the raid, police found mountains of evidence that the employee labels were run technical support and customer for a variety of false AV programs, including the MacDefender.

The latest version of MacDefender was held June 18. Labels offices are raided on 23 June. A coincidence perhaps, or the Russian law enforcement save fake antivirus software Mac users.

View the original article here

No comments:

Post a Comment