Thoughts on MacSweeper


Wow, with all the Macworld buzz, a rather important story has fallen through the cracks. Now that it's Friday and things have slowed a bit, let's talk about the MacSweeper story.

In case you haven't heard, MacSweeper is a piece of software that advertises itself as a cleaner/anonymizer tool to prevent others from discovering your unsavory browsing habits (not to be confused with "Mac Sweeper", an optimization tool last updated around 2005). Users are offered a free scan, but cleaning the system will require a purchase.

According to more than one security company, however, MacSweeper doesn't really clean your Mac. In fact, it doesn't do much of anything except take your money.

18 Jan 2008

To clarify, MacSweeper isn't really malware in that it doesn't do anything particularly malicious. It doesn't download any trojans or steal info or create pop-ups.

MacSweeper is what is known as a rogue security program. It offers a fake scan which will always provide positive results in an effort to scare the user into making a purchase, then does nothing to actually fix the problem.

As one VNUnet.com reader noted, this is standard operating practice for a number of rogue PC apps. Many will go even further, actually downloading additional malware. So what's the big deal?

The group behind MacSweeper is also believed to be the maker of Spy Sheriff, a rogue security tool for Windows which uses similar tactics to spread. And it spreads well.

Now, they're looking to expand to Mac users who are less familiar with the tactic and far less likely to have security software installed.

That's the big deal.

Social engineering doesn't exploit any security holes, so Apple can't patch it. Some security products are able to scan for suspicious behavior, but even that can be sidestepped by malware writers. Besides, only a minute fraction of Mac users actually use antivirus software, since there is almost no malware targeting the platform.

As one McAfee researcher noted, social engineering is cross-platform. As MacSweeper doesn't do much of anything, its authors had to do very little Mac software development. Most of the work is done in HTML on the website. That is far easier than creating a trojan and finding a vulnerability to exploit.

Do you agree?

 
