Known as MacSweeper, the program professes to be a tool to clean out and optimise performance on OS X machines.
Users are offered a free system scan which generates fake positive results and then demands payment in order to remove the so-called 'privacy violations'.
Once installed and purchased, however, it is unclear what MacSweeper actually does.
Security researchers at F-Secure and McAfee have reviewed the software and declared it to be a scam.
McAfee security research and communications manager Dave Marcus said that the group behind MacSweeper is also responsible for the infamous SpySheriff rogue PC security program.
Marcus thinks that the group, having perfected its craft on Windows, may now be setting its sights on Mac users, who are less familiar with rogue tools and 'scan and scare' installation tactics.
"Social engineering can be very successful for the short term on the Mac," he said. "[Users] are not used to thinking in terms of rogue applications on their Macs."
Marcus added that the emergence of MacSweeper is "disturbing but not unexpected".
"The more businesses look at the Mac platform, the more you're going to run into this," he said.
MacSweeper is the second piece of unsavory software to use social engineering to attack Mac users in recent months. In November, a DNS-changing trojan for OS X was discovered on a number of fake video codec sites.
Marcus said that Mac users will need to respond to the attacks by becoming more vigilant about what they're installing and where it's coming from.
"They need to start paying attention to the kind of searches that they're doing," he said. "They have been in a privileged place until now."
Mac security goes rogue
By Shaun Nichols on Jan 17, 2008 3:26PM