Watch out folks! Our researchers at SophosLabs Canada alerted me this afternoon to the world’s first JavaScript fake scanner trying to convince Mac users that their computers are infected by a virus.
This step is extra important on OS X as users will have to install the malware and enter in their administrative credentials for the privilege of infecting themselves.
Even worse, the attackers are poisoning search terms and images related to Mother’s Day. Simply searching Google for seemingly innocent content to honor your mum could end up with a malware infection.
Fortunately you don’t have to infect your own Mac to find out what the experience is like. We made this video so you can see it in action from the safety of whatever device you prefer to surf the internet from. Watch and enjoy:
Mac users who happen upon a poisoned search result it will pop up a fake anti-virus scanner written in JavaScript that looks just like the OS X Finder application.
Windows users aren’t left out… They get their own fake popup, which we have seen all too often.
Early this week I wrote that we were seeing Mac fake anti-virus software spreading in the wild in greater numbers than before. I also noted that the fake scanner used as a part of the social engineering to trick you into installing it looks like Windows XP.
I hope they weren’t listening.
The criminals behind these attacks seem to be using Google’s search auto-complete technology to determine the most popular search terms to poison.
You can see Google automatic suggestions in the screenshot at right. We chose “Mothers day poems for kids” from the list and sure enough, some of the results lead to infections.
Sophos Anti-Virus for Mac Home Edition is free, so why not protect your Mac?