MacSweeper

From Wikipedia, the free encyclopedia

MacSweeper is malware that misleads users by exaggerating reports about spyware, adware or viruses on their computer.^[1] It is the first known "rogue" application for the Mac OS X operating system. The software was discovered by F-Secure, a Finland based computer security software company on January 17, 2008.^[2]

Contents 1 Problems caused by MacSweeper 2 Clones 3 Removal 4 Media Attention 4.1 MacSweeper Responds 5 References 6 See Also

[edit] Problems caused by MacSweeper

MacSweeper could be downloaded through KiVVi software's (the company that makes the "rogue") website, as a drive-by download, or silently downloaded with another application. Once automatically installed, MacSweeper scans the computer and informs the user that many applications on their computer (such as iCal or Dashboard, safe pre-installed Apple applications) are "threats" and must be removed immediately. When the unsuspecting user tries to "Remove Objects", they are told that the trial version downloaded cannot delete the supposed viruses. Then the user must provide credit card details to the company for a $39.99 "lifetime subscription serial key".^[3]

[edit] Clones

MacSweeper's GUI and behaviour is almost identical to another program that is published by KiVVi Software, Cleanator. Cleanator, however is designed for Windows operating systems. It is also very similar to the SpySheriff and SpyAxe applications, infamous for typosquatting Google. A paragraph from within the software that encourages users to purchase the full version is identical to that of SpySheriff.

KiVVi Software's 'About Us' page redirects to that of computer security software giant Symantec, which further confirms MacSweeper's non-legitimacy. ^[4]

[edit] Removal

Companies including McAfee, Symantec and Sunbelt Software have identified the threat and have posted removal instructions on their websites. SiteAdvisor, a division of McAfee has controversially given the site a green rating. However, SiteAdvisor's tests are conducted on PCs, that cannot recognise .dmg, the file format of MacSweeper.

[edit] Media Attention

MacSweeper has received a lot of media attention from websites including CNET ^[5] as well as others ^[6], as it is considered to be one of the first viruses for the Mac OS X operating system. Apple has always maintained on their website and in their advertisements that Macs are essentially 'virus free'. ^[7] Because of Apple's increasing market share, (largely due to its iPod digital music player and iPhone multi-touch smartphone) there are now more viruses being made for the Mac.

[edit] MacSweeper Responds

After F-Secure alerted Macintosh users about the rogue, MacSweeper responded on F-Secure's website, saying

"I would like to explain all the situation, about MacSweeper.

We are really trying to make a good software, and you wont find any viruses/spyware/trojans/malware in MacSweeper (test it your self, if you don't believe me, you can use any type of firewalls, dissemblers, or other tools) .

The problem is that we are using selling partners that forces us to use this marketing type. We would like to leave them, we don't want to completely destroy Good Name of MacSweeper application.

Personally I adore Mac Platform, and it hearts to here that the program you wrote is said to be some kind of "Rogue application" , i wouldn't like to destroy good manners of software written for it :((

I would like to say sorry for all inconveniences that we could bring to you, but believe MacSweeper is meant to be a useful application. You can ask Questions, and i will try to answer them!

Thank You! support@macsweeper.com"^[8]

The lack of detail on MacSweeper's website, however and exaggerated reports suggest that there are bad business practices at KiVVi Software.

[edit] References

[edit] See Also

• SpyAxe
• Computer Security