Fandom

Malware Wiki

MacSweeper

1,328pages on
this wiki
Add New Page
Comments0 Share
MacSweeper infecting a computer02:48

MacSweeper infecting a computer

Infection

Macsweeper buy

Screenshot from MacSweeper Software

MacSweeper is a rogue application that misleads users by exaggerating reports about spyware, adware or viruses on their computer.[1] It is the first known "rogue" application for the Mac OS X operating system. The software was discovered by F-Secure, a Finland based computer security software company on January 17, 2008.[2]

As of 2009, the official website for the application, macsweeper.com, is currently offline, although the home page for KiVVi Software can still be accessed.

Problems caused by MacSweeperEdit

MacSweeper could be downloaded through KiVVi software's (the company that makes the "rogue") website, as a drive-by download, or silently downloaded with another application. Once automatically installed, MacSweeper scans the computer and informs the user that many applications on their computer (such as iCal or Dashboard, safe pre-installed Apple applications) are "fat binaries or trash" and must be slimmed immediately. When the unsuspecting user tries to "Remove Objects", they are told that the trial version downloaded cannot delete the supposed trash. Then the user must provide credit card details to the company for a $39.99 "lifetime subscription serial key".[3]

ClonesEdit

MacSweeper's Graphical User Interface and behaviour is almost identical to another program that is published by KiVVi Software, Cleanator. Cleanator, however is designed for Windows operating systems. It is also very similar to the SpySheriff and SpyAxe applications, infamous for typosquatting Google. A paragraph from within the software that encourages users to purchase the full version is identical to that of SpySheriff.

RemovalEdit

Companies including McAfee, Symantec and Sunbelt Software have identified the threat and have posted removal instructions on their websites. Intego VirusBarrier and iAntivirus are capable of removing it too. SiteAdvisor, a division of McAfee has controversially given the site a green rating. However, SiteAdvisor's tests are conducted on PCs, that cannot recognise .dmg, the file format of MacSweeper.

Media AttentionEdit

MacSweeper has received a lot of media attention from websites including CNET[4] as well as others[5], as it is considered to be one of the first viruses for the Mac OS X operating system. Apple has always maintained on their website and in their advertisements that Macs are essentially 'virus free'.[6]

MacSweeper RespondsEdit

After F-Secure alerted Macintosh users about the rogue, MacSweeper responded on F-Secure's website, saying

I would like to explain all the situation, about MacSweeper.

We are really trying to make a good software, and you wont find any viruses/spyware/trojans/malware in MacSweeper (test it your self, if you don't believe me, you can use any type of firewalls, dissemblers, or other tools) .

The problem is that we are using selling partners that forces us to use this marketing type. We would like to leave them, we don't want to completely destroy Good Name of MacSweeper application.

Personally I adore Mac Platform, and it hurts to hear that the program you wrote is said to be some kind of "Rogue application" , i wouldn't like to destroy good manners of software written for it :((

I would like to say sorry for all inconveniences that we could bring to you, but believe MacSweeper is meant to be a useful application. You can ask Questions, and i will try to answer them!

Thank You! support@macsweeper.com}}[7]

ReferencesEdit

http://blog.intego.com/index.php?s=macsweeper

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.