Cyber criminals to copy MacDefender OS X malware scam in 2012

The rise of the infamous MacDefender malware in 2011 has set an example cyber criminals are likely to follow in the coming year, according to Mac OS X security specialist Intego.

The firm said that the emergence of MacDefender proved that malware can thrive in a Mac user community not accustomed to dealing with security threats.

First discovered in May, the MacDefender infection menaced users throughout the summer. Posing as a security tool, the infection used phony alert dialogues to convince users to pay a registration fee for the software.

When Apple took steps to isolate and block the infection, the malware was repackaged with workarounds to avoid detection.

Intego spokesman Peter James told V3 that MacDefender showed malware writers that targeting OS X systems was finally worth the time and effort.

Furthermore, the unfamiliarity many Mac users have with the social engineering tactics used by malware writers made them particularly prone to attacks.

"MacDefender made the malware community realise that Macs are a target," James explained.

"Mac users are not used to having these threats, and they don't know how to deal with them."

Social engineering tactics in general are expected to be prevalent in 2012. James noted that the closed nature of iOS and the strict controls of the App Store help keep malicious software from threatening most iPhones and iPads.

Apple's mobile devices, however, remain prone to the web-based phishing and fraud operations that target all desktop and mobile users.

"Phishing works, social engineering works and 419 scams work," he explained. "They all depend on a user's gullibility, and those things are not going to change."