Mac Malware spreading

Because of gamed SEO placements and poisoned links, some thousands of Mac users were tricked into installing a fake Mac security program.

Mac security vendor writes:

Intego has discovered a rogue anti-malware program called MACDefender, which attacks Macs via SEO poisoning attacks. When a user clicks on a link after performing a search on a search engine such as Google, this takes them to a web site whose page contains JavaScript that automatically downloads a file. In this case, the file downloaded is a compressed ZIP archive, which, if a specific option in a web browser is checked (Open “safe” files after downloading in Safari, for example), will open. The file is decompressed, and the installer it contains launches presenting a user with the following screen:

UPDATE: See Intego’s full security memo with detailed information about the MAC Defender fake antivirus.

PDG Recommends:

Sophos makes a free Mac security program. Read more about it in another post, and use it soon!

Apple will release a cleaner update for it as well. See their recent tech note.


Adobe updates Flash player for Mac

Adobe has released a critical update to its Flash Player software (the browser plugin) that fixes critical security flaws and gives users a better way of controlling whether they are being tracked on the Web.

The Flash Player 10.3 update, released May 12, lets users manage Flash cookies using their browser’s privacy settings or through a new, native OS control panel.

And at long last, Mac OS users will finally get automatic software update notifications. It has been a disgrace that it took so long for Adobe to provide this, but we’re grateful nonetheless.

Because of this missing update notice functionality, I just found out about it today, May 18.

You can check which version of Flash Player you have installed at Adobe’s site.

Annoyingly, the control panel does not use Sparkle to check for updates, but launches a new browser window.

Security for Mac

Mac OS X Security — Urgency is Growing for Protection

A client of ours, CHEN PR, handles the PR and social media strategy for Sophos. This is how we came across their free antivirus software for Mac.

As an all-Mac shop since we began in 1996, PDG & Associates has never used or needed antivirus software. For various reasons the Mac was not an easy or viable target for malware writers. But with Apple’s rising dominance in the computer industry perhaps it’s time to batten down the hatches!

Read a blog post by Sophos. Sophos created a free, award-winning antivirus program for Mac OS X.

Another columnist at ZDNET writes persuasively about the urgent need to prepare for the coming tide of malware. Read the article Why malware for Macs is on its way… by Ed Bott on May 5, 2011.

free Sophos Mac Antivirus Software
free Sophos Mac Antivirus Software

Intrusive consumer-tracking technologies

Are you aware of how large the site tracking industry is growing? WSJ reports about intrusive consumer-tracking technologies:

The 50 [sample] sites installed a total of 3,180 tracking files on a test computer used to conduct the study. Only one site, the encyclopedia, installed none. Twelve sites, including IAC/InterActive Corp.’s, Comcast Corp.’s and Microsoft Corp.’s, installed more than 100 tracking tools apiece in the course of the Journal’s test.

The companies that placed the most tracking tools were Google Inc., Microsoft. and Quantcast Corp.

* * * *

Some of our web clients need analytical visitor tracking tools, which are not used to build consumer profiles but rather to determine content popularity and effectiveness of Adword Campaigns and referral sources. They have not joined networks like Quantcast to track all of your activities across other websites.

Beware Tabnabbing Phishing Attacks

Beware Tabnabbing, a New Type of Phishing Attack
Wow. The number of ways you can be fooled into giving up your private logins through a web browser keeps growing.

Adam Engst at describes the attack using your browser history (you do purge it often, right)? See a demo at and read more at Krebson Security.

The lesson: keep your browser history clean, do not sign into any secure site from a tab left open, and block as many 3rd-party ads as you can with AdBlock for FireFox. And wait for Firefox to fix this bug in accessing global history.

Consumer privacy eroded by Flash cookies

Do you know about “Flash cookies” and consumer privacy? This Demystified blog has an excellent exposé… see also:

A pilot study of the use of ‘Flash cookies’ by popular websites.

We find that more than 50% of the sites in our sample are using flash cookies to store information about the user. Some are using it to ‘respawn’ or re-instantiate HTTP cookies deleted by the user. Flash cookies often share the same values as HTTP cookies, and are even used on government websites to assign unique values to users. Privacy policies rarely disclose the presence of Flash cookies, and user controls for effectuating privacy preferences are lacking.

There is a major advantage for an advertiser to employ Flash cookies, not the least of which is; they are virtually unknown to the average user. Equally as important from an advertisers perspective is; they remain active on a system even after the user has cleared cookies and privacy settings.

To call this a deceptive practice would be a major understatement. Crooked, immoral, fraudulent, illegal, are just some of the words that come to mind.

There are tools to help you delete these unwanted sneaky cookies… for Firefox, use BetterPrivacy.