It pretends to find some very important things that may have been compromised, such as the Terminal application and the standard Unix utility test, also known to Unix shell programmers as [. The scanner doesn’t actually touch the hard disk while “scanning”, although on a Mac it can be hard to know without a hard disk light. In a similar social engineering trick as we have seen in Windows fake scanners it borrows it’s name from a legitimate website, MacDefender. Some of the downloads are a package installer that installs the fake software others simply a contain ready-to-run Mac application. zip file onto your Mac with a filename like “”. When you click or close the fake scanner page you are prompted to download a. Strangely when surfing to the compromised URLs you are first prompted with a JavaScript-based fake scanner that appears to show an infected Windows XP computer, even when surfing from a Mac. From rather innocuous terms related to global warming, to hot topics like Osama bin Laden’s death, users are being hit with fake anti-virus programs, this time delivering payloads to users of Apple’s Mac OS X. A massive SEO poisoning attack has hit Google, targeting Windows and Mac users alike.
