Just in time for Macworld: A rogue application dubbed MacSweeper

Just in time for Macworld: A rogue application dubbed MacSweeper

Summary: F-Secure claims to have discovered the first Mac rogue application--MacSweeper.According to F-Secure, MacSweeper is spyware that closely resembles its Windows cousin Cleanator.

SHARE:

F-Secure claims to have discovered the first Mac rogue application--MacSweeper.

According to F-Secure, MacSweeper is spyware that closely resembles its Windows cousin Cleanator. Here's how it works:

You install MacSweeper and it proceeds to "clean" your Mac of compromising files. This spyware is so diligent that it ALWAYS finds something to clean. All you have to do is buy the software.

Here's a screen of this spyware debacle courtesy of F-Secure.

macsweep.png

And to make itself look legit, MacSweeper cuts and pastes its description from security vendors like Symantec. These bogus programs aren't anything new, but the fact that one has surfaced on the Mac indicates that Apple's market share has been on a tear.

Topics: Apple, Enterprise Software, Hardware, Malware, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

40 comments
Log in or register to join the discussion
  • Hehe, suddenly marketshare is a factor?!

    [i]These bogus programs aren?t anything new, but the fact that one has surfaced on the Mac indicates that Apple?s market share has been on a tear.[/i]

    Malware authors don't care about marketshare, they target the worst OS out there. Seems like since Leopard came out, the worst OS is OS X! :)
    NonZealot
    • Malware vs exploits

      If I can get you to install something malicious then it's a market share thing. If I can exploit a vulnerability with out you even being a aware then it's a worst OS thing and market share still applies to a point. I just need enough market share to make it worthwhile.

      So really this doesn't bode well for Apple. All those Quicktime vulnerabilities and now they actually have enough market share to make it worth while for malware vendors....
      voska1
      • Exactly

        That was my point. Apple is popular enough now that it's worth being targeted.
        Larry Dignan
        • Marketshare

          This is half a story.

          Do you see this as a good thing? A little additional pain for Apple users will actually
          fragment the efforts of malware authors won't it? One of the contributing factors to
          the spread of malware has been a tech monoculture. If Apple, Linux, and Windows,
          shared the market equally, would it not follow that malware on any given platform
          would be more manageable?

          Apple users are going to be lectured by advocates of the PC platform, one with a
          dismal record of security consequences. The platform that has yet to properly
          implement non administrative computing is going to "be the bearer of bad news"?
          How about no.

          We are going to try not to get you too annoyed by saying thanks and backing away
          slowly. We don't want to be seen as complacent about security, we will accept the
          information that allows us to become more secure, its just that we're not going to
          accept it from you. The Windows ecosystem which has done little else but show the
          world how to be insecure, does not now get to lecture us.

          I'm sorry, but for 20 years Apple has provided a secure and stable platform for
          computing. What has ZDNet done for me lately?

          I think Apple and Apple users understand that security will increasingly be a
          concern, but a balanced and competitive market will be better for all of us. Those
          who will ill on Apple now, really don't get it.
          Harry Bardal
          • Your SMUG is showing

            You bet we get to lecture you. You live in a small delusional world my little friend. Time to open your eyes and step out of that corner coffee shop and into the real world.

            The success of the PC has battle harded both the platform and its users. There's plenty to learn from us.

            But YOU are free to ignore us. I wish you would in fact, because if your Mac has been killed from your SMUG and ignorance you'll probably not be able to post on this board.

            Have a Nice Day :)
            BFD
          • Why the Mac's market share is growing so rapidly

            It's more than likely in part because of the grief Windows has given its users.
            I predict with great confidence that within a few years a lot of the posters here at
            ZDNet, including the bloggers, are proud Mac-users. Let's return then and read what
            they have to say.
            Mikael_z
          • I swear . . .

            after reading the first intelligently and carefully worded paragraph or two, I said, "this sounds like Harry."

            I was right, of course.

            The voice of reason and logic.

            Spot on.

            aloha . . .

            b in hawaii
            brian ansorge
      • But that isn't what we are told with the MS targeted attacks

        We are told that marketshare means nothing and that malware authors always target the weakest OS. I do have to ask, with at least 151 variants of malware out there targeting Leopard (and none targeting Tiger), what is it, precisely, about Leopard that makes it such a tempting target for malware authors?

        Hmmm, or could it be that all those who stated malware numbers had nothing to do with marketshare were wrong, wrong, wrong? Naaaaaaa! :)
        NonZealot
        • You must consider the religion

          of the Mac faithful. ;-)
          No_Ax_to_Grind
        • In your drug-induced haze

          no doubt you think you are right. But the argument has always been that exploits are
          largely irrelevant to market share.

          But we all understand that you have wrapped your entire sense of self-worth into an
          operating system, so your rant is to be expected.
          frgough
        • Malware for profit

          The article describes a type of malware that is used for profit; you better believe it is based on market share.

          This type of malware either tries to get you to buy something directly, or it gathers information about your spending habits so new ways to entice you to buy can be developed.
          smarria@...
  • RE: Just in time for Macworld: A rouge application dubbed MacSweeper

    I think you can't spell 'rogue'
    martin@...
  • A rouge application?

    You must be thinking of the other Mac company. You know, the cosmetics one, M.A.C.
    RocketEater
    • LOL that's good

      fixed the headline. For the record I'm an idiot;)
      Larry Dignan
      • spelling still wrong on main News page

        It's still spelled wrong on the main News page.
        bmeacham98@...
  • How about information about the spyware?

    What does it do on the spying side?
    Eriamjh
    • Yeah...

      If all it does is scam you into buying software you don't need, it really isn't spyware... it's more like scumware.
      Hallowed are the Ori
      • Yawn....

        It still requires a dumba-$$ to install it. Download then mount then give the app permission to install. So it's still not a conventional "OMG! We randomly lost everything!" virus. IF it was created because of market-share it was created because of F-Secure's market-share.
        brent1a@...
    • Yeah, like does it require

      a password to install like any other Mac app that affects systems resources?

      I can't even start my Boot Camp XP partition as a VM in Fusion without supplying my credentials. Ditto for every Apple update.

      If this can be installed without privileges but gains elevated or system level privileges, then it's a security issue for OS X. If it requires the user to supply admin credentials, then it's a social engineering tactic that [b]EVERY OS IS SUSCEPTIBLE TO[/b].

      If it's the latter, then who cares?
      jacarter3
      • My OSs aren't susceptible to this attack

        [i]EVERY OS IS SUSCEPTIBLE TO.[/i]

        I couldn't get this malware to work on Windows or Linux so no, not every OS is susceptible to this attack, [b]ONLY[/b] OS X is vulnerable. :)
        NonZealot