I’ve been getting pop-up adverts recently that suggest my Mac is running slow and that if I download this super-fixer-upper app its performance will improve dramatically.
What’s this about? Is it legit? The similarity in both tone and vocabulary to fake Viagra adverts has me suspicious …
I don’t know specifically about the pop-ups you’re seeing, but the fake anti-virus and fake performance improvement malware that has long been the scourge of Windows users has been crossing over to Macs. There has been a slow but steady rise in Mac malware over the past year or so. There are nowhere near as many malware samples targeting Mac as those targeting Windows, but they are out there, and I imagine the pop-ups you’re seeing are an attempt to spread them.
What about modern Linux systems these days, and the various browsers that run thereon? Are they still pretty safe? Or is the malware market catching on to this niche too?
Is Linux typically safe because it’s so well designed and malware-resistant, or just because the malware mongers haven’t paid much attention to attacking Linux (yet)?
There’s NO protection from this type of malware.
You explicitly give them permission to download and install this crap - it’s called “social engineering.”
I’d love to see a screen shot of the popup. Does it look like a Windows window?
The Windows window popups would appear sometimes on my machine if I didn’t turn off popups.
But even if it looks like a Mac window, ignore it. There was an exploit recently making use of Java (not JavaScript) that planted a trojan in Macs. Apple patched the vulnerability through Software Update with a newer Java plug-in that turned itself off until the user specifically turns it on.
Generally, the interwebs don’t use Java (not JavaScript) anymore.
There is malware for newer versions of Linux. Late last month, for instance, a couple of Java vulnerabilities were published that would allow an attacker to execute code on machines visiting a malicious site. The folks at Metasploit demonstrated that it worked on at least the following configurations:
- Mozilla Firefox on Ubuntu Linux 10.04 (OK, a couple of versions old, but released in 2010)
- Internet Explorer / Mozilla Firefox / Chrome on Windows XP
- Internet Explorer / Mozilla Firefox on Windows Vista
- Internet Explorer / Mozilla Firefox on Windows 7
- Safari on OS X 10.7.4
That’s just the versions that Metasploit tested and published. Presumably it would work on other systems as well.
[QUOTE=Senegoid]
Is Linux typically safe because it’s so well designed and malware-resistant, or just because the malware mongers haven’t paid much attention to attacking Linux (yet)?
[/QUOTE]
I agree with jz78817 that the reason is primarily that Linux (and Mac until recently) hasn’t had enough market share to make it worthwhile to write much malware for it. However, that’s true only of the malware writers whose goal is to infect as many machines as possible. I suspect that the guys who are writing highly-targeted malware to attack a specific environment have been writing Linux malware for some time and have quietly gotten away with it. Recently researchers discovered a type of malware that infects only Mac and Linux and leaves Windows untouched (cite). Some researchers speculate that the malware was intended as part of a targeted attack against an environment that used those systems but not Windows. If you’re not trying to infect millions of machines, then the market share of the target OS isn’t a factor.
That’s the case with all code, though. Whether it’s malware or code written by the angels, Mac/Linux code is ignored by Windows, and Windows code is ignored by Mac/Linux.
Linux is really more tested – it’s open-source, so anyone can study the source and look for bugs that might make malware possible. And people do, because finding such a bug gives you great reputation in the community of Linux experts.
The market share of Linux is smaller, so the chance of infecting millions of computers is smaller. This is important to most malware writers.
The likely market share is even smaller, because many Linux users are tech-savvy, and far less likely to fall for such scams.
The thing everyone is missing is that this “exploit” doesn’t depend on any flaw in the OS. It will work across any OS, simply because it depends on tricking the user into installing the software. Really, it’s less sophisticated than emails that harvest login credentials by convincing users that they are authentic.
A lot of them are actually legally in the clear and don’t do anything “wrong” per se. Some of the Windows scarewares do nothing worse than lie about the number of viruses on your computer so you buy their software – but after the software is installed don’t harvest passwords or anything. Anything you pay for tends to be less likely to be completely evil than things that they offer for free.