This week Microsoft said that it suspects a link between the fake security software now plaguing Mac users and a hard-charging family of such software on Windows. Experts have labeled the phony security software ‘rogueware’ and ‘scareware’. Such software has long been an outrageous thorn in Windows’ side. This month, researchers announced the discovery of a Mac-specific scam that claims the computer is heavily infected.
The software nags users with persistent pop-ups and fake alerts until they pay up for the worthless program.
To get rid of the program’s alerts, and of the occasional pornographic page that pops up in the browser (a new twist designed to make victims think their computers have been hijacked), hordes of Mac users pay $79.50 for the worthless program as a ‘registration fee’.
Reports of Mac users being hoodwinked into downloading the fake software have appeared on Apple’s support forums and, in growing numbers, reached Mac-centric antivirus vendor Intego. Intego has identified at least three names for the same product: MacDefender, Mac Security and Mac Protector.
The fraudulent program is believed to be the first security software scam on the Mac.
Engineers at the Microsoft Malware Protection Center (MMPC) said on Tuesday that users who browse to a web page posing as a free online virus scanner get served either Mac or Windows scareware.
Using Microsoft’s labels for the OS-specific versions of the fake security software, O’Dea and Saade said that the site delivers scareware dubbed ‘Win32/Winwebsec’ to Windows users, while Mac users get ‘MacOS X/FakeMacdef’.
According to the evidence, the same cyber criminal, or squad of scammers, made both versions.
O’Dea and Saade pointed to numerous common features in the code of the two phony security programs. These include nearly identical URLs as the destination for ‘phone home’ transmissions, identical web addresses for the pair’s purchase pages, and a shared payment gateway, the website where users enter their credit card information to buy the useless utilities.
For the latter, changing a filename from ‘buy.php’ to ‘mac.php’ switches the gateway from the Windows version to the Mac version. Microsoft’s engineers also suspect that the builder of both pieces of scareware is Russian in origin.
O’Dea and Saade added that FakeMacdef holds most of its resources in a directory named ‘ru.lproj’, as opposed to ‘en.lproj’. This strengthens the suspicion that the developer may be Russian.
According to a recent Microsoft analysis of 2010’s threat landscape, Winwebsec, the Windows half of the duo, is a fast-climbing scareware family. Microsoft released the tenth volume of its semi-annual Security Intelligence Report last week. It says that in the fourth quarter of 2010, its free malware cleaning tool detected and deleted Winwebsec on over 600,000 Windows PCs.



Copyright Techfuels