Mac OS X users get targeted by crimekit malware

AN ADVANCED do it yourself crimeware kit is available that targets Mac OS X systems, showing that the bad guys are seeing Apple computers as more viable targets due to their increasing share of the market.

CSIS Security found a crimekit designed for Mac OS X on underground forums that looked very similar to ones targeting Windows PCs, with a form grabber, admin panel and the ability to support encryption.

The crimekit is fully operational and supports web injection and form grabbing in Firefox, with Chrome and Safari yet to come. Blackhats who have used crimekits might be familiar with the layout, as the webinjects templates are identical to the ones used in the Zeus and Spyeye malware kits.

Given the name Weyland-Yutani - which you'll recognise as the name of the shadowy company in the Alien movies - it is the first one of its kind to hit Mac OS X, said CSIS Security. It speculated that dedicated IOS and Linux releases could be coming as well.

It said, "CSIS finds this crimekit to be quite disturbing news since MacOS previously to some degree has been spared from the increasing amount of malware which has haunted Windows-based systems for years. This could have resulted in a false sense of security that might make Mac OS user especially vulnerable to a sudden and highly sophisticated attack."

Sophos also found a new massive SEO poisoning attack that targets users of Mac OS X. That prompts users to download file which either asks them to run a package installer or ready-to-run Mac application of software called MAC Defender.

Using typical scare tactics, it tries to get users to buy the fake anti-virus software by sticking in their credit card details, which they should already know that they really shouldn't do. µ