Only days after the revelation of internal Apple documents that instructed AppleCare and Apple store employees not to acknowledge the existence of Mac Defender and not to offer help in removing it from infected computers when asked by the users, the company has posted a support document that explains the situation and offers advice on how to avoid installing this malware and how to remove it.
“A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus. The user is then offered Mac Defender ‘anti-virus’ software to solve the issue,” say Apple. “This ‘anti-virus’ software is malware (i.e. malicious software). Its ultimate goal is to get the user’s credit card information which may be used for fraudulent purposes.”
It goes on to explain that the malware in question is often disguised under the following names: MacDefender, MacProtector and MacSecurity, and they warn users against providing credit card information or their administrator password when asked by the rogue software installer.
“In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants,” it finally says. “The update will also help protect users by providing an explicit warning if they download this malware.”