The “Security Alert” trojan, sometimes known as a ‘rogue antivirus’ attack, is making the rounds again. First spotted a few years ago, until recently the “web security” antivirus alert trojan targeted mainly PCs, tricking Windows users into downloading the evil ‘BestAntivirus2011.exe’ file by telling them that “To help protect your computer Windows web security have detected trojans and ready to remove them.” (Note the poor language usage.) Now this same tactic is being used to attack Mac users – all that has changed is the “Windows” to “Apple” and the file name (‘MacProtector.mpkg’ for Macs) – even the poor language remains the same! “To help protect your computer Apple web security have detected trojans and ready to remove them.” says the pop-up. Don’t fall for it, and whatever you do, don’t click on “Remove all”, which will cause the malware to be downloaded to your computer.
Fiendishly, the malware triggers a brand new browser window, which is made to look exactly like a Mac Finder window (on a Windows machine, it’s made to look like Windows Explorer), and then it puts the pop-up. You can see how people would be fooled, particularly when it looks like their own Finder or Explorer window, and it says that they have “detected trojans and ready to remove them.”:
Don’t fall for it; just close the page without clicking on any links or buttons, and you’ll be fine.
|Get notified of new Internet Patrol articles for free!
If you do happen to accidentally download it, the Mac trojan file you will want to remove is called “MacProtector.mpkg”, and the Windows one is called “BestAntivirus2011.exe”.
No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free? Thank you!
|Get notified of new Internet Patrol articles!