This latest malware was discovered by Thomas Reed, lead researcher over at anti-malware firm, MalwareBytes (via 9to5Mac). It’s mechanism of infection is a simple one: you have to go to its website and download the phony anti-malware tool.
If you were to go ahead and install Advanced Mac Cleaner, you wouldn’t notice anything wrong initially. In-fact when Reed himself tried it out on a sandboxed machine to see how the infection might work, it didn’t appear to do anything.
However, on closer inspection, he discovered that a file within the software had claimed ownership of more than 230 different file types, so if you tried to open just about any file on your system, it would jump in and say you needed new, specialized software for it.
This is tricky, because it looks like a legitimate problem. The error message that appears is the same as the one that’d regularly appear when trying to open an unknown file type, making it hard for users to notice there’s a problem.
Fall for that, and you’ll be directed to a site which begins downloading a bunch of other useless software, like Mac Adware Remover and Mac Space Reviver, all of which are unlikely to benefit the system in any way. However, they arrive with a valid Mac certificate, so once again won’t set alarm bells ringing.
So far, it doesn’t appear that the malware seeks to spy on users or corrupt files. Instead, it seeks to install a huge number of tools, no doubt to make the developers money. But that could be almost as bad, since it could fill up your hard drive and slow your system until it’s a $1,500 brick.
As usual, for the less tech savvy out there, it’s probably best to follow the smartphone rules and stick to to the official app store for installing programs. If you do that, you’re mostly safe as even though there is a lot more malware aimed at Apple software these days, thanks to the rise of iOS and the iPhone and iPad, it’s still a small amount compared to the likes available for Windows systems.
