Monday, January 26, 2009

Attacking Mac systems through a fake security tool

Who said that everything was for Windows? ;-P

While most deception and infection techniques are commonly seen on Windows platforms, security is a concern for every system, regardless of its infrastructure or platform, and rogue-type threats (also called scareware) exist for Mac systems too.

In this case, the fake security tool is called iMunizator. It is not actually that recent :-) (it took its first steps during 2007 and early 2008, but has returned to the attack), and it can be downloaded from various web sites that respond to a single IP address (67.205.75.10), hosted in Ukraine by a web hosting company called iWeb Technologies Inc.:

www.imunizator .com
www.imunizator .net
imunizator .com
imunizator .net
mac-imunizator .net

This malware shares its "site" with other well-known rogue products through the IP address 70.38.19.203:

Antispyware Deluxe (antispywaredeluxe .com)
Antivirus 2009 (antivirus-2009-pro .net)
Antivirus 2010 (av2010 .net)
Vista Antivirus 2008 (vav-2008 .net)

iMunizator has been deploying its deception strategy for some time, switching domains to resurface and even changing its name (it was formerly MacSweeper).
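The pivot described above (several domains answering from one IP address, and that brand sharing another address with other rogue products) can be automated by grouping observations into clusters linked by shared IPs. The following Python code is an added example, not part of the original post; the domains and addresses are constructed placeholders written in the post's defanged notation, and the function names are hypothetical.

```python
from collections import defaultdict

# Constructed passive-DNS style observations in the post's defanged notation
# ("name .tld"). Domains and IPs are placeholders (reserved example ranges),
# not the indicators listed in the post.
SAMPLE_OBSERVATIONS = """\
www.fake-mac-cleaner .example   192.0.2.10
fake-mac-cleaner .example       192.0.2.10
mac-fake-cleaner .example       192.0.2.10
fake-mac-cleaner .example       198.51.100.20
rogue-av-2009 .example          198.51.100.20
rogue-antispy .example          198.51.100.20
unrelated-shop .example         203.0.113.5
"""

def refang(name):
    """Undo the 'domain .tld' defanging and fold the www. alias."""
    host = name.replace(" ", "").replace("[.]", ".").lower()
    return host[4:] if host.startswith("www.") else host

def parse(text):
    """Yield (domain, ip) pairs; the IP is the last whitespace-separated field."""
    for line in text.splitlines():
        if line.strip():
            name, ip = line.rsplit(None, 1)
            yield refang(name), ip

def clusters(pairs):
    """Group domains linked, directly or transitively, by a shared IP."""
    by_ip, by_domain = defaultdict(set), defaultdict(set)
    for domain, ip in pairs:
        by_ip[ip].add(domain)
        by_domain[domain].add(ip)
    seen, result = set(), []
    for start in sorted(by_domain):
        if start in seen:
            continue
        group, stack = set(), [start]
        while stack:  # depth-first walk: domain -> its IPs -> sibling domains
            d = stack.pop()
            if d in group:
                continue
            group.add(d)
            for ip in by_domain[d]:
                stack.extend(by_ip[ip] - group)
        seen |= group
        result.append(sorted(group))
    return result

if __name__ == "__main__":
    for group in clusters(parse(SAMPLE_OBSERVATIONS)):
        print(len(group), group)
```

A renamed product that reuses any address from an earlier cluster lands in the same group, which is how a rebrand such as the one mentioned above shows up in hosting data.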

Another interesting detail is that the transaction to "buy" the fake tool is processed through an e-commerce company called Plimus, a completely legal company of Israeli origin with central offices in the U.S. (San Diego and Silicon Valley) and Ukraine. That is why users will see the secure HTTPS protocol in the address bar, along with other security indicators intended to show that they are dealing with a trusted site.

Current malware seeks to obtain sensitive information from users in order to commit fraud, and its highest rate of propagation is on Windows platforms, but this case shows that malware creators are turning their sights toward new targets. Therefore, we must apply good security practices regardless of the technology involved.

More information about scareware:
A tour of the latest scareware
A tour of the latest scareware II

# Jorge Mieres
