Raid on Russian Firm May Have Taken Down MacDefender Malware

by

MacDefender was the most significant malware attack on the Mac in years, if ever. The threat started in May, infecting many less-savvy Mac users, and had become widespread enough that Apple was forced to release a special anti-malware security fix. The software would be downloaded when users visited certain websites and, once installed, looked to be legitimate anti-virus software. Unsuspecting users would get warnings of viruses infecting their system. By entering their credit card number, users could pay to "remove" the viruses.

Except it was all fake. There were no viruses, just a piece of software trying to trick users into handing over their credit card numbers.

macdefender dialog box
The hidden developer behind MacDefender continued to release new variants of the malware into the wild, resulting in a cat-and-mouse game as Apple continued to ban new variants of the software.

Then, one day, MacDefender simply disappeared. Richard Gaywood, at TUAW, pointed out that Apple hadn't updated its malware definitions -- the code designed to kill MacDefender -- since June 18.

Brian Krebs might have the answer:

On June 23, Russian police arrested Pavel Vrublevsky, the co-founder of Russian online payment giant ChronoPay and a major player in the fake AV market.

[...]

In May, I wrote about evidence showing that ChronoPay employees were involved in pushing MacDefender — fake AV software targeting Mac users. ChronoPay later issued a statement denying it had any involvement in the MacDefender scourge.

But last week, Russian cops who raided ChronoPay’s offices in Moscow found otherwise. According to a source who was involved in the raid, police found mountains of evidence that ChronoPay employees were running technical and customer support for a variety of fake AV programs, including MacDefender.

The last release of MacDefender occurred on June 18. ChronoPay's offices are raided June 23. A coincidence perhaps, or Russian law enforcement saving Mac users from fake antivirus software.

Top Rated Comments

8ate8 Avatar
8ate8
127 months ago
In Soviet Russia, anti-virus software....

No, I'm not gonna go there...
Score: 15 Votes (Like | Disagree)
MacRohde Avatar
MacRohde
127 months ago


Maybe I'm being too harsh, but anyone that falls for the old "YOU HAVE VIRUSES!!! Give us your credit card number and we'll get rid of them!" trick deserves what they get.

Yeah, you are absolutely being too harsh.

Just because you are a bit trustworthy and/or naive - or just very new to the world of computers - does not mean you "deserve what you get".
Score: 14 Votes (Like | Disagree)
GenesisST Avatar
GenesisST
127 months ago
Thank god Vladimir Poutine was infected unless this would have never happened :p

Now I'm hungry...

Poutine: http://en.wikipedia.org/wiki/Poutine
Putin: http://en.wikipedia.org/wiki/Vladimir_Putin
Score: 11 Votes (Like | Disagree)
D 5 Avatar
D 5
127 months ago
It was Apple's screte service i tell you :D
Score: 10 Votes (Like | Disagree)
Tom8 Avatar
Tom8
127 months ago


In Soviet Russia, anti-virus software....

No, I'm not gonna go there...

In Soviet Russia, malware...oh screw it, I'm just happy to see them arrested.

I'll do it for you two


In Soviet Russia, anti-virus software infects you!
Score: 9 Votes (Like | Disagree)
Ryth Avatar
Ryth
127 months ago
THROW AWAY THE KEY... or shoot them.

Siberia baby!
Score: 8 Votes (Like | Disagree)
Read All Comments

Top Stories

tile sticker e1570533758981

Tile CEO: 'We Welcome Competition From Apple, But We Think It Needs to Be Fair'

Tuesday May 4, 2021 9:51 am PDT by
Just after Apple announced its AirTags, Tile CEO CJ Prober relayed his concerns about competing with Apple in the tracking space, and said that Tile would ask Congress to investigate Apple's business practices specific to Find My and item trackers. Prober this week did an interview with Bloomberg, where he further expanded on Tile's complaints about Apple and why he feels that Tile is...
Read Full Article453 comments
signal instagram ads3

Signal Shares the Instagram Ads Facebook Doesn't Want You to See

Wednesday May 5, 2021 1:29 am PDT by
Encrypted messaging app Signal has had a series of Instagram ads blocked from the social media platform, after it attempted to show users how much data the Facebook-owned company collects about them and how it's used to push targeted ads. In a blog post, Signal described how it generated the ads to show users why they were seeing them, simply by declaring upfront the information that the...
Read Full Article101 comments
tracking disabled ios 14 5

Analytics Suggest 96% of Users Leave App Tracking Disabled in iOS 14.5

Friday May 7, 2021 1:51 am PDT by
An early look at an ongoing analysis of Apple's App Tracking Transparency suggests that the vast majority of iPhone users are leaving app tracking disabled since the feature went live on April 26 with the release of iOS 14.5. According to the latest data from analytics firm Flurry, just 4% of iPhone users in the U.S. have actively chosen to opt into app tracking after updating their device...
Read Full Article184 comments
fortnite apple logo 2

Epic CEO Tim Sweeney Admits App Store's 30% Cut Is Similar to Consoles, Would Have Accepted Special Deal With Apple

Tuesday May 4, 2021 1:54 pm PDT by
Apple's legal battle with Epic Games is continuing on, and during the second day of the trial, Epic Games' CEO Tim Sweeney continued his testimony against Apple. Sweeney was grilled by Apple's lawyers, and made several points seemingly favorable to Apple. In addition to mentioning how he prefers Apple's iPhone and values Apple's privacy policies that he's aiming to dismantle, Sweeney...
Read Full Article210 comments
snapchat dark mode

Snapchat Rolls Out Dark Mode on iOS

Wednesday May 5, 2021 1:17 am PDT by
Nearly two years following the release of iOS and iPadOS 13, which included native, built-in, and systemwide dark mode, Snapchat, one of the world's most prominent social media networks, has finally rolled out a dark mode theme for iOS users. Snapchat began testing a dark mode theme of its app design late last year with a small group of iOS users. Now, Snapchat says that as of this week, it...
Read Full Article19 comments
netflix sign up

Apple Discussed 'Punitive Measures' Against Netflix for Dropping In-App Purchases

Wednesday May 5, 2021 11:03 am PDT by
As the Epic Games v. Apple trial progresses into its third day, Apple's internal documents and communications with various companies are continuing to surface, giving us some insight into the dealings that Apple has had around the App Store. Back in December 2018, Netflix stopped offering in-app subscription options for new or resubscribing members and instead began requiring them to sign up ...
Read Full Article427 comments
iphone 12 preorder purple

Apple Begins Transition to Randomized Serial Numbers With Purple iPhone 12

Wednesday May 5, 2021 9:17 am PDT by
MacRumors previously reported about Apple's plan to switch to randomized serial numbers for future products starting in early 2021, and this transition has now started with the new purple iPhone 12 model in multiple countries. With assistance from Aaron Zollo, host of the YouTube channel ZolloTech, we can confirm that the purple iPhone 12 released last month has a new 10-character serial...
Read Full Article82 comments
airtag 1

AirTag Anti-Stalking Measures 'Just Aren't Sufficient' Says Washington Post Report

Wednesday May 5, 2021 6:03 pm PDT by
The safeguards that Apple built into AirTags to prevent them from being used to track someone "just aren't sufficient," The Washington Post's Geoffrey Fowler said today in a report investigating how AirTags can be used for covert stalking. Fowler planted an AirTag on himself and teamed up with a colleague to be pretend stalked, and he came to the conclusion that the AirTags are a "new means...
Read Full Article414 comments
iphone 13 pro max dummy notch

iPhone 13 Pro Max Dummy Model Depicts Smaller Notch

Tuesday May 4, 2021 1:08 pm PDT by
Apple's iPhone 13 models are expected to feature a slimmed down notch, marking the first major change to the TrueDepth camera system since it was introduced in the 2017 iPhone X. We're still months away from the launch of the iPhone 13, but Lewis Hilsenteger of Unbox Therapy managed to get an iPhone 13 Pro Max dummy model that represents what we can expect from the new 2021 device. Dummy...
Read Full Article137 comments
iPad Pro July Shipping

12.9-Inch iPad Pro Now Delivers as Late as Mid-July

Wednesday May 5, 2021 7:10 am PDT by
While the new 12.9-inch iPad Pro is set to launch in the second half of May, orders placed today are estimated for delivery as late as mid-July on Apple's online store in the United States — some two months later. The new 11-inch iPad Pro is faring better so far, with some configurations available for delivery in the last week of May. The new 12.9-inch iPad Pro features a Liquid Retina XDR ...
Read Full Article78 comments