MacSweeper redux

Matthew JC. Powell
31 March, 2008
View more articles fromthe author

SophosLabs announced this morning that a new bit of Mac "Scareware" is doing the rounds. Calling itself "Imunizator" it’s a variant of the MacSweeper program that appeared in January. As with MacSweeper, Imunizator tries to scare users into downloading unnecessary security software by claiming that security problems have been detected on their systems.

Also in common with MacSweeper, Imunizator (properly identified as Troj/MacSwp-B) does not, in fact, detect any security problems on your machine. It’s just there to scare you. Specifically, it’s there to scare you into paying for some bogus software to "fix" the non-existent security problems. Its motivation is entirely monetary. It’s not at all unusual for malware authors to "repackage" existing programs like this, as a way to dodge security software that has been made aware of its earlier incarnations.

Graham Cluley, a senior technology consultant for Sophos, said that "Windows users are no strangers to scareware like this, but it is rarer on the Macintosh". He reiterated earlier comments that malware on the Mac is still quite rare, but as the Mac community grows so will its attractiveness to profit-motivated malware authors.

The solution is ensuring that whatever security software you have on your computer (even if it’s just what comes in OS X) is kept up to date with all the latest patches. And, of course, be aware that scams like this are out there so you don’t get fooled.

Leave a Comment

Please keep your comments friendly on the topic.

Contact us