For years, virus makers have been tricking people into installing trojans under the disguise of a program intended to actually remove trojans that weren’t there. They usually did so by disguising themselves as part of Windows XP – which was an obvious fake for anyone using any other operating system.
But today my boss ran into this and asked me to take a look:
(click image for full-size version)
Look at that imitation of the OS X Finder. Not perfect, but it’s pretty dang good! I wouldn’t expect everyone to be able to tell that it’s fake.
News of legitimate Mac trojans recently cropped up again, but it looks like they’ve gotten even more sophisticated with some pretty convincing fake Finder interfaces. People used to assume that Macs aren’t targeted for viruses for their lower market share, but it looks like that’s an even more unsafe assumption now. If you use a Mac, you aren’t exempt from being safe with your computer: don’t give it your Administrator password when you aren’t trying to install or update software. Any other time, it’s a trap!