For some years now, FAKEAV variants have been plaguing Windows-based systems. Recently, this malware type has entered the Mac OS X scene. As with Windows-based FAKEAV variants, poisoned search terms are the most common Mac FAKEAV infection vectors.
Take, for example, the following poisoned search result:
Accessing the website while using a Mac will directly lead the user to the following page:
Clicking OK on the page above leads to a page that supposedly scans the system for viruses.
After the fake scan is done, it reports the extent of the 'infestation' the user's Mac is suffering from.
As you may have noticed, the page above closely resembles Mac OS X's Finder app whereas the FAKEAV 'scanning page' for Windows looks like Windows Explorer.
Clicking Remove all or any part of the page above results in the download of the file anti-malware.zip. This .ZIP file contains an installer package file (.pkg), which, if executed, installs and runs a downloader application into the system's Applications folder. This downloader application eventually downloads the actual FAKEAV application.
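A defender can triage a downloaded archive like the one described above by listing its entries and flagging installer packages before anyone opens it. The following is an added example, not code from the original article; the sample archives are constructed in memory, and the suffixes beyond `.pkg` and the inner file names are assumptions.

```python
import io
import zipfile

# .pkg is the type the article names; .mpkg, .dmg and .app are assumed additions.
INSTALLER_SUFFIXES = (".pkg", ".mpkg", ".dmg", ".app")


def find_installers(zip_bytes):
    """Return sorted archive paths that are installer packages or app bundles.

    Only the ZIP directory listing is read; nothing is extracted or executed.
    """
    hits = set()
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            # Packages and bundles can be directories, so test each path component
            # and report the outermost matching one.
            parts = [p for p in info.filename.split("/") if p]
            for depth, part in enumerate(parts, start=1):
                if part.lower().endswith(INSTALLER_SUFFIXES):
                    hits.add("/".join(parts[:depth]))
                    break
    return sorted(hits)


def build_sample_zip(names):
    """Build a constructed in-memory ZIP with placeholder contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"placeholder")
    return buf.getvalue()


# Constructed samples; the file names are hypothetical.
SUSPECT = build_sample_zip(["ReadMe.txt", "installer.pkg"])
BUNDLE = build_sample_zip(["Setup.mpkg/Contents/Info.plist",
                           "Setup.mpkg/Contents/Packages/core.pkg"])
BENIGN = build_sample_zip(["photos/beach.jpg", "notes.txt"])

if __name__ == "__main__":
    for label, data in (("suspect", SUSPECT), ("bundle", BUNDLE), ("benign", BENIGN)):
        found = find_installers(data)
        print(label, "->", found if found else "no installer packages")
```

A hit is a reason to hold the archive for review, not proof of malice, since legitimate software also ships as `.pkg` inside a ZIP.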
The first thing that the FAKEAV application does is to display the following loading screen:
The FAKEAV application then scares the heck out of the user via the following:
Take note, however, that there may be some bugs in this particular FAKEAV software: the Infected Object/File is [ and the word Trojan is not spelled right. Still, the scary notifications in red, found in the upper-right corner of the screen, may do the trick.
When the user becomes scared enough to click Cleanup, the FAKEAV application prompts him/her that the current copy is 'unregistered.'
Clicking Register displays a prompt where the user can enter a serial number.
In case the user does not have a serial number, there's still the convenient Buy button. Clicking it loads the following purchase page:
The page asks the user to choose among the available software licenses (the price of the 'Lifetime' license is a steal!). Most importantly, the page asks for the user's credit card information.
Entering your credit card details is an easy way for criminals to steal your credit card information. Users who entered their credit card details in the page above basically served these important pieces of information on a silver platter to the criminals behind this notorious scheme. With the criminals in possession of the user's credit card details, victims are now more susceptible to identity theft. What's worse is that the victims did not buy any real security software—after all, these variants are not named FAKEAV for nothing.
HELP FILE
How can I remotely control a customer's Mac running macOS Catalina using GoToAssist Remote Support?
New security features have been added to macOS Catalina (10.15) that require additional permissions for using the full feature set of the GoToAssist Expert desktop applications for Windows and Mac and/or RescueAssist. In order to remotely control your customer's Mac running macOS Catalina, the steps below must be performed on the customer's Mac. You can connect to your customer's Mac in a view-only session and walk them through the steps using Chat, or send them these instructions to perform on their own.
Note: Access to this feature is dependent upon your user group settings or your individual user settings, which are set by your administrator.
- On the customer's Mac, navigate to the System Preferences by doing either of the following:
  - Click the System Preferences icon in your Dock
  - On the Menu Bar, click the Apple menu then select System Preferences
- Click Security & Privacy.
- Click the Privacy tab.
- Click the Unlock icon in the bottom-left, then enter your Mac username and password.
- Click Accessibility in the left menu.
- For GoToAssist Remote Support, check the boxes to allow control for the following apps:
  - g2ax_launchagent_customer
  - GoToAssist Customer
- For RescueAssist, check the box to allow control for the LogmeinRemoteSupport app.
- In the left menu, click Screen Recording.
- Click the Privacy tab.
- For GoToAssist Remote Support, check the box to allow screen recording for the GoToAssist Customer app.
- For RescueAssist, check the box to allow screen recording for the LogmeinRemoteSupport app.