MacDefender caused a malware crisis for the Mac back in June 2011. At the time it seemed like an epidemic, but then after a short round of update Whack-A-Mole with Apple, MacDefender seemed to disappear entirely. In fact, Apple last updated its malware definitions on June 18.
On August 1, my ZDNet colleague Ed Bott wrote “Where did all the Mac malware go?”
The last time I saw Mac Defender in the wild was on June 23rd. This nasty bit of Mac malware made life miserable for Apple and its support technicians for the entire month of May, before fading away in mid-June.
New information suggests that Russian authorities may have busted the group responsible for one of the biggest scourges that the Mac has ever seen.
Brian Krebs appears to have linked ChronoPay to Mac Defender (via MacRumors)
On June 23, Russian police arrested Pavel Vrublevsky, the co-founder of Russian online payment giant ChronoPay and a major player in the fake AV market…
In May, I wrote about evidence showing that ChronoPay employees were involved in pushing MacDefender — fake AV software targeting Mac users. ChronoPay later issued a statement denying it had any involvement in the MacDefender scourge.
But last week, Russian cops who raided ChronoPay’s offices in Moscow found otherwise. According to a source who was involved in the raid, police found mountains of evidence that ChronoPay employees were running technical and customer support for a variety of fake AV programs, including MacDefender.
The last release of MacDefender occurred on June 18. ChronoPay’s offices are raided June 23. A coincidence perhaps, or Russian law enforcement saving Mac users from fake antivirus software.
This would be great news if it turns out to be true.
Photo: PS3hax
