Recently I got a call from a Mac user about the "Apple security center" report they got. My primary email/word processing/ppt/excel/web based stuff/photo editing machine is a Mac and, well no product called "Apple security center" exists for Apple or any reputable 3rd party company. I trot down to their desk to see what they have. This is the screen they got from some infected website as best I could tell:
http://dl.dropbox.com/u/13891659/Screen%20shot%202011-05-09%20at%203.01.27%20AM.png

We ran a full scan and thankfully the user didn't click anything and no infection was found. Some research indicate they little bastard app installs some sort of Trojan and will "remove" the "infections" for a small fee. Thankfully they noticed that they had more places devices listed on their Mac normally, which is partially what tipped them off.

Thats quite similar to one I encountered on my pc a couple of weeks ago. Was browsing and all of a sudden got a message "chrome is scanning your system for malware" or something similar.

Funny thought I, when did the Chrome browser become an AV? Then it showed similar "threats" to the above.
It finished off with presenting me with an install box and asked me if I wanted to download the fix.

Answer? Hit NO & scan scan scan ;)

Glad your user was sensible!

And yet, some people swear that MACs are immune to malware. :rolleyes:

Been seeing and dealing with the PC version of that for years. :mad: Some are easy to remove, some are a pain in the A** to get rid off! In those cases, in was easier to just back up their data and re-image the hard drive. I guess, It was a just a matter of time when the Macs would get hit with it.

And yet, some people swear that MACs are immune to malware. :rolleyes:
Not immune, just less damage/fewer victims for the same amount of effort. All computers can benefit from at least rudimentary AV/AS.

Been seeing and dealing with the PC version of that for years. :mad: Some are easy to remove, some are a pain in the A** to get rid off! In those cases, in was easier to just back up their data and re-image the hard drive. I guess, It was a just a matter of time when the Macs would get hit with it.

I have seen the PC versions before, however what impressed me eas the fact that they finally got around to imitating the Mac UI. It's not prefect, but for their target it apparently works.

Grammar and the font (Times) for the infection count is wrong to begin with.

Damn, now they're going after the Mac users too??? I guess I should have known it was only a matter of time.

I'm glad I saw this post. My mother uses a Mac, and has heard me extol the safety of Macs from malware, compared to PCs. My mother, while not exactly dim, is also likely to believe such scams.

I sent her a link to this thread as a means of giving her a heads-up.

What tipped me off? The grammar fail in the message. If it had been correct, it would have said "and is ready..".

I'm going to send this thread to my close friend. She swears by her Mac.

What tipped me off? The grammar fail in the message. If it had been correct, it would have said "and is ready..".

I'm going to send this thread to my close friend. She swears by her Mac.

I noticed that, too. A lot of scams are like that.

I'm actually reminded of the one my professor got where the message was almost legit, up until it said "Click here for the scan you computer".

I knew it was fishy. I told the prof so. Prof clicked the message anyway. We all saw it because the computer was hooked up to the overhead projector. My facedesk was the one heard 'round the campus.

Damn, now they're going after the Mac users too??? I guess I should have known it was only a matter of time.

Viruses and trojans for the Mac have always been around, just not in the numbers the PC gets. You have to do a better job of programming, or so I've been told.

I've never gotten either on my Mac. On the PC? Aplenty.

Still . . . eternal vigilance!

Aye. Just because most of the virus writers are MW-exclusive right now doesn't mean they won't branch out someday. They're kinda <<STATEMENT REDACTED>> very nice cool d00dz like that

Viruses and trojans for the Mac have always been around, just not in the numbers the PC gets. You have to do a better job of programming, or so I've been told.


Eh, not really. You just have to program differently. The main thing that has kept Macs mostly safe is their smaller market share. After all, if you're going to inflict irritation on random people, you want to hit the largest number of people possible. With Windows being on more than 80% of the computers out there (2008 numbers), most are going to aim their virii at Windows users, unless they have a specific vendetta.

And let's face it: Most Mac users aren't used to dealing with viruses. You have less chance of your virus being stopped by antivirus programs when the user base thinks they're safe enough not to buy one.

Grammar and the font (Times) for the infection count is wrong to begin with.

What tipped me off? The grammar fail in the message. If it had been correct, it would have said "and is ready..".
Well, with the "have detected," it would be "and are ready." :p

It baffles me that so many otherwise educated people can't tell that a supposedly official message would have been proofread and wouldn't have such glaring and multiple grammar mistakes.

^-.-^

Here is a real kick in the teeth for any Mac user:

Apple support to infected Mac users: "You cannot show the customer how to stop the process" (http://nakedsecurity.sophos.com/2011/05/24/apple-support-to-infected-mac-users-you-cannot-show-the-customer-how-to-stop-the-process/)

Here is a real kick in the teeth for any Mac user:

Apple support to infected Mac users: "You cannot show the customer how to stop the process" (http://nakedsecurity.sophos.com/2011/05/24/apple-support-to-infected-mac-users-you-cannot-show-the-customer-how-to-stop-the-process/)
"Everybody's clean and it can't happen here!" Frank Zappa, 1966

OP: Bet they have a wonderfully /sarcasm high click-through rate!

Here is a real kick in the teeth for any Mac user:

Apple support to infected Mac users: "You cannot show the customer how to stop the process" (http://nakedsecurity.sophos.com/2011/05/24/apple-support-to-infected-mac-users-you-cannot-show-the-customer-how-to-stop-the-process/)

After reading the memo, I can actually (after a fashion) understand the reasoning. Apple systems are designed around the concept that you can just jump in and do what you want without having to be tech savy, so it attracts those very types of people. Each of those procedures require going into areas that do require more than basic knowledge on what to do and Apple systems tend to not have prohibitive measures against OS corruption (a rename of a critical file is not uncommon and can render a system unstable.). Considering that any tech call center personnel will tell you just how easy it is for (l)users to screw up basic instructions, do you really want to chance them making the problem worse?

I imagine that stopping processes on Macs is much like making registry edits on Win machines - not something you would trust to a layperson of untested aptitude.

^-.-^

I should point out that on some variants of the M$-targeted scamware, clicking either button will do you in, and that the preferred way to avoid infection is to do the three-finger salute and terminate the process instead.

It's Command+Opt+Esc on the Mac.

It's worth noting that Mac users that are using Boot Camp to run Windows on their machines may have the same issues, depending on the virus. I would suspect that most viruses affect the PC partition, but there may be some out there that cause errors on the hard drive or the hard drive to behave erratically.

Anyone using a hackintosh (myself included :D) should be fairly safe as long as they have OS X and Windows each on their own physical hard drive. The Windows side may get affected, but the viruses (virii) shouldn't spread to the mac hard drive.

I should point out that on some variants of the M$-targeted scamware, clicking either button will do you in, and that the preferred way to avoid infection is to do the three-finger salute and terminate the process instead.

That is exactly what I do when I get something suspicious pop up on my screen :D

I should point out that on some variants of the M$-targeted scamware, clicking either button will do you in, and that the preferred way to avoid infection is to do the three-finger salute and terminate the process instead.

On the Mac, a "Force Quit" (command-option-escape) will work for this; I used it when this one popped up in my browser. It's mentioned in a support note (http://support.apple.com/kb/HT4650) they added yesterday.

I just got done cleaning the vista security malware off my roomies computer.

She clicked on what obviously to her looked like a normal alert from her windows security center ... :(

Thankfully I have malwarebyte on a thumb drive...

She clicked on what obviously to her looked like a normal alert from her windows security center ... :(

My son did that too. First I heard about it was when he asked..."why does Microsoft want me to pay to remove a virus from my PC?" :cry:

It was an evil thing :(