Raid on Russian Firm May Have Taken Down MacDefender Malware

MacDefender was the most significant malware attack on the Mac in years, if ever. The threat started in May, infecting many less-savvy Mac users, and had become widespread enough that Apple was forced to release a special anti-malware security fix. The software would be downloaded when users visited certain websites and, once installed, looked to be legitimate anti-virus software. Unsuspecting users would get warnings of viruses infecting their system. By entering their credit card number, users could pay to "remove" the viruses.

Except it was all fake. There were no viruses, just a piece of software trying to trick users into handing over their credit card numbers.

macdefender dialog box
The hidden developer behind MacDefender continued to release new variants of the malware into the wild, resulting in a cat-and-mouse game as Apple continued to ban new variants of the software.

Then, one day, MacDefender simply disappeared. Richard Gaywood, at TUAW, pointed out that Apple hadn't updated its malware definitions -- the code designed to kill MacDefender -- since June 18.

Brian Krebs might have the answer:

On June 23, Russian police arrested Pavel Vrublevsky, the co-founder of Russian online payment giant ChronoPay and a major player in the fake AV market.

[...]

In May, I wrote about evidence showing that ChronoPay employees were involved in pushing MacDefender — fake AV software targeting Mac users. ChronoPay later issued a statement denying it had any involvement in the MacDefender scourge.

But last week, Russian cops who raided ChronoPay’s offices in Moscow found otherwise. According to a source who was involved in the raid, police found mountains of evidence that ChronoPay employees were running technical and customer support for a variety of fake AV programs, including MacDefender.

The last release of MacDefender occurred on June 18. ChronoPay's offices are raided June 23. A coincidence perhaps, or Russian law enforcement saving Mac users from fake antivirus software.

Popular Stories

Generic iOS 18 Feature Real Mock

iOS 18 Available Now With These 8 New Features For Your iPhone

Sunday September 15, 2024 10:09 am PDT by
Following over three months of beta testing, iOS 18 was finally widely released to the public on Monday, September 16. The update is available in the Settings app under General → Software Update on the iPhone XS and newer. Below, we have highlighted eight key new features included in iOS 18, and Apple shared a complete list of new features and changes last week. Note that Apple...
iOS 18 Public Beta Thumb 1

Here's When iOS 18 Rolls Out Today in Every Time Zone

Monday September 16, 2024 3:56 am PDT by
It's that time of year again. Apple is about to release iOS 18, which promises to bring a range of new features and improvements to iPhones worldwide. It's Apple's biggest software update of the year, and the company is expected to release it sometime today – Monday, September 16. Based on past releases, the update is likely to drop at around 10:00 a.m. Pacific Time/1:00 p.m. Eastern...
M4 Mac mini Black Ortho Cooler

Apple Leaks New Mac Mini With 5 USB-C Ports

Monday September 16, 2024 11:40 am PDT by
Apple has seemingly leaked the rumored next-generation Mac mini with five USB-C ports, according to a code change within Apple software that was discovered today by MacRumors contributor Aaron Perris. The code refers to an unreleased Mac mini model with an Apple silicon chip and five ports, which lines up with a previous report from Bloomberg's Mark Gurman that said the next Mac mini will be ...
apple silicon mac lineup wwdc 2022 feature purple

M4 Macs, New iPad Mini, and iPad 11 Expected at Upcoming Apple Event

Sunday September 15, 2024 5:29 am PDT by
Apple will likely hold another event in October this year to announce new Macs and iPads. If so, it would be the fourth time in the last five years that Apple has held an event in October. Last year, Apple held a virtual event on Monday, October 30 to announce new MacBook Pro and iMac models with the M3 series of chips. In his Power On newsletter today, Bloomberg's Mark Gurman reiterated...
16 pro

iPhone 16 Pro Demand Has Been Lower Than Expected, Analyst Says

Sunday September 15, 2024 3:58 pm PDT by
Apple analyst Ming-Chi Kuo today said demand for the iPhone 16 Pro and iPhone 16 Pro Max has been "lower than expected" since the devices became available to pre-order in the U.S. and dozens of other countries on Friday. Kuo said his data is based on a "supply chain survey" and shipping estimates listed on Apple's online store. Kuo estimated that sales of all four iPhone 16 models reached...
m4 iPad Pro Horizontal Feature Purple and Blue

Apple Pulls iPadOS 18 for M4 iPad Pro After Bricking Complaints [Updated]

Tuesday September 17, 2024 11:24 am PDT by
Apple stopped signing the iPadOS 18 update for the M4 iPad Pro models, which means the new software is no longer available to be downloaded and installed at the current time. The update appears to have been pulled following complaints from some iPad Pro owners, who found that the update bricked their devices. There are reports on Reddit from iPad Pro users who had an interruption in the...

Top Rated Comments

8ate8 Avatar
171 months ago
In Soviet Russia, anti-virus software....

No, I'm not gonna go there...
Score: 15 Votes (Like | Disagree)
MacRohde Avatar
171 months ago


Maybe I'm being too harsh, but anyone that falls for the old "YOU HAVE VIRUSES!!! Give us your credit card number and we'll get rid of them!" trick deserves what they get.

Yeah, you are absolutely being too harsh.

Just because you are a bit trustworthy and/or naive - or just very new to the world of computers - does not mean you "deserve what you get".
Score: 14 Votes (Like | Disagree)
GenesisST Avatar
171 months ago
Thank god Vladimir Poutine was infected unless this would have never happened :p

Now I'm hungry...

Poutine: http://en.wikipedia.org/wiki/Poutine
Putin: http://en.wikipedia.org/wiki/Vladimir_Putin
Score: 11 Votes (Like | Disagree)
D 5 Avatar
171 months ago
It was Apple's screte service i tell you :D
Score: 10 Votes (Like | Disagree)
Tom8 Avatar
171 months ago


In Soviet Russia, anti-virus software....

No, I'm not gonna go there...

In Soviet Russia, malware...oh screw it, I'm just happy to see them arrested.

I'll do it for you two


In Soviet Russia, anti-virus software infects you!
Score: 9 Votes (Like | Disagree)
Ryth Avatar
171 months ago
THROW AWAY THE KEY... or shoot them.

Siberia baby!
Score: 8 Votes (Like | Disagree)