Fake antivirus tricks Mac users with Windows XP

Some Mac users, surely the most secure of all personal computers according to no one, have been “poisoned” by dodgy Google image searches.

It’s an SEO-based attack that is capitalising on the popularity of certain search terms such as Osama Bin Laden’s demise. Results bring up a fake anti-virus program, but the minds behind the hack aren’t shining the brightest.

Even on a Mac, the fake AV program will pop up a faux Javascript scanner that displays an “infected” Windows XP computer. Then users are encouraged todownload a .zip file with a name like BestMacAntivirus2011.mpkg.zip. Er…

Graham Cluley at Sophos reckons some Mac users may be tricked because the program poses as MacDefender. If a fake Windows XP scan tricks you on a Mac it could be argued you deserve a wake-up call to a point.

The malware worms its way into the computer if infected and tries to spread by encouraging other users to splash out on faux-software that doesn’t do anything but drain your wallet.

The Windows version is called Mal/FakeAV-FS and the Mac equivalents are OSX/FakeAVZp-B and OSX/FakeAV-DMP.