Monday, January 14, 2008

MacSweeper First Rogue Application in Mac

Beware! First rogue application in Mac is here.


This rogue application displays a fake information, pretending that it is scans the user's system. It then displays a fake Alert, showing that bad cookies and files were detected.




Once the user click "Remove", it will download MacSweeperSetup.dmg and install MacSweeper.app - the rogue application.


There are two images or looks that links to this rogue application.

(1) The screenshot shown above is the image displayed when you visit this url:
http://scanner.macsweeper.com/scan.php

(2) The screenshot shown below is the image displayed when you get linked or redirected (Ex. you have been linked from Google.) to this url:

http://scanner.macsweeper.com/scan.php?landid=2&os=macos&depid
=maxc_clr07&cid=2271&parid=mc_346586211


*** This links to rogue site; Use at your own risk! ***


As of this writing, no security scanners detects it.


MacSweeper does not need root admin password to execute the application. In fact it is just a portable application and no installation required. Here's the screenshot below: