A security researcher suggests that the Mac Defender malware currently infecting Mac owners is linked to a Russian website, ChronoPay.
ChronoPay is expressed as “Russia’s largest online payment processor,” but also “an unabashed ‘leader’ in the scareware industry,” already connected with forged antivirus software. As the case with many Windows threats, Mac Defender and its variants try to deceive people into sharing credit card info by installing software that detects non-existent viruses.
An involment has been so far denied by ChronoPay. A blog post interprets that the company “completely and totally disavows the most recent blog postings and publications alleging a connection between ChronoPay and Mac Defender,” moving on to say that it “is not involved with Mac Defender in anyway, not [sic] are we involved with any virus production as has been alleged.” It promises to “aggressively defend itself against any attacks,” as well as “libel or interference with our legitimate business practices, in any country in the world where our companies [sic] good name is attacked or maligned.”