In association with heise online

31 May 2011, 17:01

Russian payment processor said to be behind Mac scareware

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Malware icon According to a report by security specialist Brian Krebs, records indicate that Russian payment processor ChronoPay is connected with the recent outbreak of Mac scareware. ChronoPay denies any involvement with the Mac scareware.

Krebs identified two domains used by the scareware for payments, and On consulting the WHOIS information for those domains, he found they included a contact address of Documentation which was leaked in a security breach at ChronoPay last year detailed how ChronoPay both owns the domains and pays for the Germany based virtual servers that power it.

Those same leaked records also indicated that ChronoPay's financial controller owns Other Apple related domains were also being registered using the email address after the previous domains were cancelled by the registrar. So far though, these new domains have not been used by any known malware.

In a statement, ChronoPay denied that there was a connection between the company and MacDefender, and said it would "aggressively defend itself against any attacks on the company" and threatened legal action against any party who suggested it.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit