Mac Defender malware now spreading virally via Facebook
[UPDATE: Apple issues security update to detect and remove Mac Defender and variants, but still allows users to open known infected files!]
Mac malware has made the leap to Facebook and is now spreading virally, claiming to be a video of IMF boss Dominique Strauss-Kahn.
Security firm Sophos has the details:
The fake anti-virus attack first appears in your timeline as a message apparently posted by one of your friends.
In case you've been out of the loop, the text used refers to the news story of IMF chief Dominique Strauss-Kahn who is facing charges in New York over charges that he allegedly tried to rape a hotel maid.
People who know what they're doing will recognize this for what it is - a sick fakey headline and the promise of a video is used to entice people to click on the link which goes to a site pushing malware - in this case Mac Defender. For good measure clicking on the link also posts the same message onto the Facebook wall of the person clicking on the link - this helps find the next sucker victim.
Sophos senior technology consultant Graham Cluley calls it a 'a genius piece of social engineering.'
Needless to say, if you see this on Facebook, don't click on the link!
Apple has promised a patch for Mac Defender and its variants, but so far this hasn't materialized. [UPDATE: The Apple security update has just materialized.]
Windows users shouldn't get too cocky though, given that the same viral 'video' is being used to spread the Zeus botnet malware to the Microsoft crowd. Linux users don't get to play.
Additional coverage:
- Here's something Apple should spend some of that $65.8 billion cash reserve on
- Modern Mac owners need to ignore the dinosaurs and get protection
- You have malware on your Mac and you call Apple support ... what happens next?
- Apple to issue update to 'automatically find and remove' Mac Defender malware
- Mac OS X has you covered ... really?