MacDefender Scam Connected To Russian Payment-Processing Firm

The recent MacDefender scam that has caused havoc amongst thousands of Mac users was perpetrated by a Russian online payment company, according to a new report.

The victims of the MacDefender scam, which was caused by a fake, malware version of the MacDefender antivirus software for the Mac OS, alleged that the fake version was redirecting them to macbookprotection.com and mac-defence.com.

According to Brian Krebs, a leading cyber security journalist from the US, when users would visit these sites they would then be asked to make a payment for the scamware.

“A few days after the first attacks surfaced, experienced Mac users on Apple support forums began reporting that new strains of the Mac malware were directing users to pay for the software via a domain called mac-defence.com,” Krebs wrote on his security blog.

Mr. Krebs also claimed that both these domains included the email address fc@mail-eye.com, owned by Alexandra Volkova, allegedly the financial controller of ChronoPay.

“I was unsurprised to find the distinct fingerprint of ChronoPay, a Russian payment processor that I have written about time and again as the source of bogus security software,” he added.

The MacDefender scam has rattled the Mac's reputation of being immune to online attacks, and could spur the development of Mac-based security software.