Mac Users Targeted by DIY Crimeware Kit

Malware and hackers increasingly targeting Macs

Apple has been cashing in on the increased attention it's garnered from the business and consumer worlds in recent years. Unfortunately, the ne'er-do-wells of the technology world continue to step up their attempts to get a piece of the action, targeting malware squarely at Mac users.

IT security experts, such as InfoWorld Security Adviser Roger Grimes, have argued that obscurity is the greatest security defense a platform can have, which is why Windows and Internet Explorer have historically been hit more successfully than Mac or Safari. Even just a couple of years ago, malware targeting the Mac -- such as MacSweeper, the first scareware for the Mac -- was something of a novelty, though the Mac OS had proven itself far from bulletproof. But as experts have predicted, Mac-honed malware is becoming more and more the norm.

One of the more notable developments of the Mac attracting cyber criminal attention is the emergence of what's purportedly the world's first do-it-yourself crimeware kit primed for Mac OS X. Recently announced in some closed underground forums, according to Danish IT security company CSIS Security Group, the tool enables users to build malware to turn victim Mac OS X machines into zombies with point-and-click simplicity.

The kit, called Weyland-Yutani Bot, comprises a builder that enables a user to create malware capable of Web injections and form grabbing, according to the kit's creator. It also boasts an administration panel and supports encryption.

Presently the kit supports Firefox and Chrome; support for Safari will follow, according to CSIS. Additionally, the creator of the kit claims that similar kits for iPad and Linux will be forthcoming.

The kit, by the way, costs about $1,000 -- payable only in virtual currencies such as WMZ.

The Weyland-Yutani Bot's emergence comes on the heels of other malware and scams aimed at the Mac. For example, Mac security company Intego reported Monday that scammers are distributing rogueware dubbed Mac Defender. The malware is designed to fool users into thinking their machines are infected with viruses so they'll fork over money for what is really a fake security program.

Additionally, in late February, Sophos reported that a bare-bones, easy-to-use Trojan called BlackHole RAT (remote access Trojan) had emerged. Among its tricks: informing users that "most people think Macs can't be Infected [sic], but look, you ARE infected!"

Stepping back further in time, Intego reported approximately 11 months ago that a high-risk spyware application called OSX/OpinionSpy had started spreading via a number of freely distributed Mac applications and screensavers found around the Web.

This story, "Macs users targeted by do-it-yourself crimeware kit," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.

Subscribe to the Security Watch Newsletter

Comments