Raid on Russian Firm May Have Taken Down MacDefender Malware
MacDefender was the most significant malware attack on the Mac in years, if ever. The threat started in May, infecting many less-savvy Mac users, and had become widespread enough that Apple was forced to release a special anti-malware security fix. The software would be downloaded when users visited certain websites and, once installed, looked to be legitimate anti-virus software. Unsuspecting users would get warnings of viruses infecting their system. By entering their credit card number, users could pay to "remove" the viruses.
Except it was all fake. There were no viruses, just a piece of software trying to trick users into handing over their credit card numbers.
![macdefender_dialog_box macdefender dialog box](https://images.macrumors.com/t/tOEUI2RLaCwcBOBFEpNZAUonL-4=/400x0/article-new/2011/08/macdefender_dialog_box.jpg?lossy)
The hidden developer behind MacDefender continued to release new variants of the malware into the wild, resulting in a cat-and-mouse game as Apple continued to ban new variants of the software.
Then, one day, MacDefender simply disappeared. Richard Gaywood, at TUAW, pointed out that Apple hadn't updated its malware definitions -- the code designed to kill MacDefender -- since June 18.
Brian Krebs might have the answer:
On June 23, Russian police arrested Pavel Vrublevsky, the co-founder of Russian online payment giant ChronoPay and a major player in the fake AV market.
[...]
In May, I wrote about evidence showing that ChronoPay employees were involved in pushing MacDefender — fake AV software targeting Mac users. ChronoPay later issued a statement denying it had any involvement in the MacDefender scourge.
But last week, Russian cops who raided ChronoPay’s offices in Moscow found otherwise. According to a source who was involved in the raid, police found mountains of evidence that ChronoPay employees were running technical and customer support for a variety of fake AV programs, including MacDefender.
The last release of MacDefender occurred on June 18. ChronoPay's offices are raided June 23. A coincidence perhaps, or Russian law enforcement saving Mac users from fake antivirus software.
Popular Stories
Following nearly two years of rumors about a fourth-generation iPhone SE, The Information today reported that Apple suppliers are finally planning to begin ramping up mass production of the device in October of this year. If accurate, that timeframe would mean that the next iPhone SE would not be announced alongside the iPhone 16 series in September, as expected. Instead, the report...
Key details about the overall specifications of the iPhone 17 lineup have been shared by the leaker known as "Ice Universe," clarifying several important aspects of next year's devices. Reports in recent months have converged in agreement that Apple will discontinue the "Plus" iPhone model in 2025 while introducing an all-new iPhone 17 "Slim" model as an even more high-end option sitting...
Apple supply chain analyst Ming-Chi Kuo today shared alleged specifications for a new ultra-thin iPhone 17 model rumored to launch next year. Kuo expects the device to be equipped with a 6.6-inch display with a current-size Dynamic Island, a standard A19 chip rather than an A19 Pro chip, a single rear camera, and an Apple-designed 5G chip. He also expects the device to have a...
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Apple’s iCloud Private Relay service is down for some users, according to Apple’s System Status page. Apple says that the iCloud Private Relay service may be slow or unavailable. The outage started at 2:34 p.m. Eastern Time, but it does not appear to be affecting all iCloud users. Some impacted users are unable to browse the web without turning iCloud Private Relay off, while others are...
Apple is planning to release at least one iPhone 17 model next year with mechanical aperture, according to a report published today by The Information. The mechanical system would allow users to adjust the size of the iPhone 17's aperture, which refers to the opening of the camera lens through which light enters. All existing iPhone camera lenses have fixed apertures, but some Android...